[Openswan Users] Certificates and roadwarriors

Martin Spinassi martins.listz at gmail.com
Sun Jul 5 20:43:26 EDT 2009

Hi again list!

I've finally managed to make a working installation of openswan with
certificates. But I'm missing something.

I'd like to give to each roadwarrior user a unique certificate, but
ipsec.conf needs a leftcert or some statical cert file, but it just works
with one roadwarrior user, right?

If I try to authenticate with a user with a different certificate than
configured in ipsec.conf, I get this error:

"no suitable connection for peer"

Probably I must understand something with certificates, or it just work with
one certificate for every "conn" config...I know I'm missing something , but
just doesn't know what is it exactly.

I've read some documents of how to make differents certificates (with CA.sh
or openssl), but every "newreq" gets a "newcert" when it gets signed, but
moving it to the cert directory of ipsec doesn't do the trick.

Any link or enlightment is really aprecciated!


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090705/00b47ccc/attachment.html 

More information about the Users mailing list