[Openswan Users] My private keys not showing up with --listall

OCG Technical Support support at ocg.ca
Tue Oct 14 09:38:45 EDT 2008

How about the "1:RSA (none)(none)" line?  What does the (none)(none) mean?


Could someone post the output from their system for comparison?




From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of OCG Technical Support
Sent: October 14, 2008 1:50 AM
To: users at openswan.org
Subject: [Openswan Users] My private keys not showing up with --listall


I'm new to IPsec so forgive me if I'm missing something obvious here!
Here's what I've done:


1.      I create a private key for my ipsec gateway with the command:

openssl req -new -keyout firewall-private-key.pem -out firewall-request.der

2.      I copied the "firewall-private-key.pem" to /etc/ipsec.d/private

3.      I use my Windows 2003 CA to generate a "web server" certificate,
pasting in the key from the stop above

4.      I got the generated certificates in DER and Base64 format, and
copied them into my gateway's /etc/ipsec.d/certs folder as

5.      I edited my /etc/ipsec.secrets to include this line

: RSA firewall-private-key.pem "password

6.      I restarted ipsec, and there are no errors

7.      I ran "ipsec auto -listall" and here's what I see:



000 List of Public Keys:


000 List of Pre-shared secrets (from /etc/ipsec.secrets)

000     1: RSA (none) (none)

000     1: RSA (none) (none)


000 List of X.509 CA Certificates:


000 Oct 14 01:16:41 2008, count: 1

000        subject: 'DC=ca, DC=ocg, CN=OCG Certificate Authority'

000        issuer:  'DC=ca, DC=ocg, CN=OCG Certificate Authority'

000        serial:   1b:47:28:ee:e3:c6:a3:b9:4d:b7:a8:38:c4:67:27:90

000        pubkey:   2048 RSA Key AwEAAcBVF

000        validity: not before Sep 28 23:06:37 2006 ok

000                  not after  Sep 28 23:14:33 2031 ok

000        subjkey:


Why is my private key not showing up?  My CA key shows up....

Should my public key show up in the list?


I'm lost...







-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081014/d95f51e9/attachment-0001.html 

More information about the Users mailing list