[Openswan Users] NSS error on Centos-5

Andreas Rehmer rehmer at teltarif.de
Wed Dec 16 01:51:55 EST 2009


Hi,

for me its seemed that openswan is searching for the privat key from the 
certificate. Did you modifiy the /etc/ipsec.secrets corectly?

Mit freundlichen Grüßen

Andreas Rehmer - IT
--------------
Tel.: 030/453081-506




teltarif.de Onlineverlag GmbH
Alt-Moabit 96c, 10559 Berlin
Tel:  +49 (0)30 453 081-0
Fax:  +49 (0)30 453 081-11
Mail: mailto:info at teltarif.de
WWW:  http://www.teltarif.de

Geschäftsführer: Kai Petzke, Martin Müller
eingetragen beim Amtsgericht Berlin-Charlottenburg, HRB 70507
Umsatzsteuer-ID: DE201038407

Sie suchen Kunden mit hoher Bildung, hohem Einkommen und starkem
Interesse am E-Commerce?
Mit Werbung auf teltarif.de erreichen Sie diese Kunden!
weitere Informationen: http://www.teltarif.de/mediadaten


On Tue, 15 Dec 2009, Ondrej Valousek wrote:

> Date: Tue, 15 Dec 2009 12:35:07
> From: Ondrej Valousek <webserv at s3group.cz>
> To: users at openswan.org
> Subject: [Openswan Users] NSS error on Centos-5
> 
> Hi all,
> 
> I am using openswan on Centos-5 and I am receiving strange errors when connection to my Checkpoint firewall
> 
> Dec 15 12:14:06 ondar pluto[28792]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 72
> Dec 15 12:14:06 ondar pluto[28792]: | started looking for secret for O=seat..6fjwat, OU=users, CN=ondrejv-unix->193.85.188.82 of kind PPK_RSA
> Dec 15 12:14:06 ondar pluto[28792]: | actually looking for secret for O=seat..6fjwat, OU=users, CN=ondrejv-unix->193.85.188.82 of kind PPK_RSA
> Dec 15 12:14:06 ondar pluto[28792]: | line 1: key type PPK_RSA(O=seat..6fjwat, OU=users, CN=ondrejv-unix) to type PPK_RSA
> Dec 15 12:14:06 ondar pluto[28792]: | 1: compared key (none) to O=seat..6fjwat, OU=users, CN=ondrejv-unix / 193.85.188.82 -> 2
> Dec 15 12:14:06 ondar pluto[28792]: | 2: compared key (none) to O=seat..6fjwat, OU=users, CN=ondrejv-unix / 193.85.188.82 -> 2
> Dec 15 12:14:06 ondar pluto[28792]: | line 1: match=2
> Dec 15 12:14:06 ondar pluto[28792]: | best_match 0>2 best=0x94650e8 (line=1)
> Dec 15 12:14:06 ondar pluto[28792]: | concluding with best_match=2 best=0x94650e8 (lineno=1)
> Dec 15 12:14:06 ondar pluto[28792]: "Prague" #1: Can't find the private key from the NSS CERT (err -8166)
> 
> FIPS is disabled on my system and my NSS database has no password.
> I am bit lost about this problem (tried also googling around) so I am happy for any advice.
> Many thanks,
> 
> Ondrej
> 
>
-------------- next part --------------
_______________________________________________
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with Openswan: 
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list