[Openswan Users] NSS error on Centos-5

Ondrej Valousek webserv at s3group.cz
Wed Dec 16 03:50:10 EST 2009


Hi Andreas,

Yes you were right, I imported the p12 file from my firewall incorrectly 
and lost the private key.
My fault, sorry for wasting your time.

Ondrej


On 16.12.2009 07:51, Andreas Rehmer wrote:
> Hi,
>
> for me its seemed that openswan is searching for the privat key from 
> the certificate. Did you modifiy the /etc/ipsec.secrets corectly?
>
> Mit freundlichen Grüßen
>
> Andreas Rehmer - IT
> --------------
> Tel.: 030/453081-506
>
>
>
>
> teltarif.de Onlineverlag GmbH
> Alt-Moabit 96c, 10559 Berlin
> Tel:  +49 (0)30 453 081-0
> Fax:  +49 (0)30 453 081-11
> Mail: mailto:info at teltarif.de
> WWW:  http://www.teltarif.de
>
> Geschäftsführer: Kai Petzke, Martin Müller
> eingetragen beim Amtsgericht Berlin-Charlottenburg, HRB 70507
> Umsatzsteuer-ID: DE201038407
>
> Sie suchen Kunden mit hoher Bildung, hohem Einkommen und starkem
> Interesse am E-Commerce?
> Mit Werbung auf teltarif.de erreichen Sie diese Kunden!
> weitere Informationen: http://www.teltarif.de/mediadaten
>
>
> On Tue, 15 Dec 2009, Ondrej Valousek wrote:
>
>> Date: Tue, 15 Dec 2009 12:35:07
>> From: Ondrej Valousek <webserv at s3group.cz>
>> To: users at openswan.org
>> Subject: [Openswan Users] NSS error on Centos-5
>>
>> Hi all,
>>
>> I am using openswan on Centos-5 and I am receiving strange errors 
>> when connection to my Checkpoint firewall
>>
>> Dec 15 12:14:06 ondar pluto[28792]: | emitting length of ISAKMP 
>> Identification Payload (IPsec DOI): 72
>> Dec 15 12:14:06 ondar pluto[28792]: | started looking for secret for 
>> O=seat..6fjwat, OU=users, CN=ondrejv-unix->193.85.188.82 of kind PPK_RSA
>> Dec 15 12:14:06 ondar pluto[28792]: | actually looking for secret for 
>> O=seat..6fjwat, OU=users, CN=ondrejv-unix->193.85.188.82 of kind PPK_RSA
>> Dec 15 12:14:06 ondar pluto[28792]: | line 1: key type 
>> PPK_RSA(O=seat..6fjwat, OU=users, CN=ondrejv-unix) to type PPK_RSA
>> Dec 15 12:14:06 ondar pluto[28792]: | 1: compared key (none) to 
>> O=seat..6fjwat, OU=users, CN=ondrejv-unix / 193.85.188.82 -> 2
>> Dec 15 12:14:06 ondar pluto[28792]: | 2: compared key (none) to 
>> O=seat..6fjwat, OU=users, CN=ondrejv-unix / 193.85.188.82 -> 2
>> Dec 15 12:14:06 ondar pluto[28792]: | line 1: match=2
>> Dec 15 12:14:06 ondar pluto[28792]: | best_match 0>2 best=0x94650e8 
>> (line=1)
>> Dec 15 12:14:06 ondar pluto[28792]: | concluding with best_match=2 
>> best=0x94650e8 (lineno=1)
>> Dec 15 12:14:06 ondar pluto[28792]: "Prague" #1: Can't find the 
>> private key from the NSS CERT (err -8166)
>>
>> FIPS is disabled on my system and my NSS database has no password.
>> I am bit lost about this problem (tried also googling around) so I am 
>> happy for any advice.
>> Many thanks,
>>
>> Ondrej
>>
>>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>    

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20091216/82826838/attachment.html 


More information about the Users mailing list