[Openswan Users] [Openswan dev] X.509 in openswan

Tue Nov 14 22:46:23 EST 2006

$ ipsec auto --listall
000
000 List of Public Keys:
000
000 Nov 15 03:40:28 2006, 1024 RSA Key AwEAAb9RN, until Dec 15 02:15:46 2006 ok
000        ID_DER_ASN1_DN 'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll,
E=antzcn at gmail.com'
000        Issuer 'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll, E=antzcn at gmail.com'
000
000 List of X.509 End Certificates:
000
000 Nov 15 03:40:28 2006, count: 1
000        subject: 'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll, E=antzcn at gmail.com'
000        issuer:  'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll, E=antzcn at gmail.com'
000        serial:   00:80:03:c8:30:c2:21:b0:d2
000        pubkey:   1024 RSA Key AwEAAb9RN, has private key
000        validity: not before Nov 15 02:15:46 2006 ok
000                  not after  Dec 15 02:15:46 2006 warning (expires
in 29 days)
000        subjkey:  46:5d:13:73:60:a7:52:b0:f3:72:00:f2:83:7a:d8:ed:a8:1d:71:ef
000        authkey:  46:5d:13:73:60:a7:52:b0:f3:72:00:f2:83:7a:d8:ed:a8:1d:71:ef
000        aserial:  00:80:03:c8:30:c2:21:b0:d2
000 Nov 15 03:40:28 2006, count: 1
000        subject: 'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll, E=antzcn at gmail.com'
000        issuer:  'C=cn, ST=hb, L=wh, O=tc, OU=ip, CN=ll, E=antzcn at gmail.com'
000        serial:   00:c3:10:5e:23:76:d2:fa:72
000        pubkey:   1024 RSA Key AwEAAdqR/
000        validity: not before Nov 15 02:16:32 2006 ok
000                  not after  Dec 15 02:16:32 2006 warning (expires
in 29 days)
000        subjkey:  f1:94:40:14:48:4f:de:c0:1b:8c:11:0e:85:a9:45:4d:b9:fa:a9:d4
000        authkey:  f1:94:40:14:48:4f:de:c0:1b:8c:11:0e:85:a9:45:4d:b9:fa:a9:d4
000        aserial:  00:c3:10:5e:23:76:d2:fa:72


$ ipsec secrets

Nov 15 03:42:21 localhost pluto[9438]: |
Nov 15 03:42:21 localhost pluto[9438]: | *received whack message
Nov 15 03:42:21 localhost pluto[9438]: forgetting secrets
Nov 15 03:42:21 localhost pluto[9438]: loading secrets from "/etc/ipsec.secrets"
Nov 15 03:42:21 localhost pluto[9438]:   loaded private key file
'/etc/ipsec.d/private/west.key' (963 bytes)
Nov 15 03:42:21 localhost pluto[9438]: |   file content is not binary ASN.1
Nov 15 03:42:21 localhost pluto[9438]: |   -----BEGIN RSA PRIVATE KEY-----
Nov 15 03:42:21 localhost pluto[9438]: |   Proc-Type: 4,ENCRYPTED
Nov 15 03:42:21 localhost pluto[9438]: |   DEK-Info:
DES-EDE3-CBC,EA80AC1261EC709E
Nov 15 03:42:21 localhost pluto[9438]: |   -----END RSA PRIVATE KEY-----
Nov 15 03:42:21 localhost pluto[9438]: |   file coded in PEM format
Nov 15 03:42:21 localhost pluto[9438]: | L0 - RSAPrivateKey:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - version:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - modulus:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - publicExponent:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - privateExponent:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - prime1:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - prime2:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - exponent1:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - exponent2:
Nov 15 03:42:21 localhost pluto[9438]: | L1 - coefficient:
Nov 15 03:42:21 localhost pluto[9438]: | loaded private key for keyid:
PPK_RSA:AwEAAb9RN
Nov 15 03:42:21 localhost pluto[9438]: | next event EVENT_SHUNT_SCAN
in 6 seconds


On 11/15/06, Paul Wouters <paul at xelerance.com> wrote:
> On Wed, 15 Nov 2006, AntZ wrote:
>
> > I'm sure the passphrase is right. I think my problem is similar with this:
> > http://lists.openswan.org/pipermail/users/2004-August/001913.html
> >
> > But I cannot solve the problem. Thank you!
>
> do ipsec auto --listall and it will show you all the X.509 information
> that got loaded. Note you need "has private key" for the certificate that
> represents your local machine.
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>


-- 
http://antzcn.googlepages.com/