[Openswan Users] oakley.log for letoto
James
james at nttmcl.com
Mon Jun 4 13:09:13 EDT 2007
Jacco de Leeuw wrote:
>
>> oh also on the windows side the built in xp client says
>> "no valid machine certificate on your computer for security
>> authentication"
>> i used certimport.exe to import the .p12 file
>> my exact steps are as follows
>
> http://www.jacco2.dds.nl/networking/win2000xp-openswan.html#Error781
>
> Looks like your PKCS#12 file does not contain a private key.
>
> Jacco
I'm pretty sure my p12 file has a key file in it, but i dunno if windows
is reading it or something maybe.
I had the experience with the linux clients that if the key information
wasn't on top in the key file then it wouldn't read the private key.
so if in the key file it had the cert first then key then the
ipsec.secrets would fail. but if i had the key info first then cert
after it would be successful.
but as for the p12 file i can do a
shell> openssl pkcs12 -in client.p12 -out client.pem
i see the following
machine certfiicate
ca certificate
private key
so anything else i should check?
More information about the Users
mailing list