[Openswan Users] x509 auth unable to find suitable connection
paul at xelerance.com
Wed Feb 16 11:18:17 EST 2011
On Wed, 16 Feb 2011, Mariusz Kruk wrote:
> I'm trying to set up a IPSEC/L2TP connection between Windows roadwarrior
> Linux server. With PSK everything works perfectly. When I try to switch
> certs, I can't connect. I'm just getting "no suitable connection found".
What does ipsec auto --listall say?
> Feb 16 11:48:38 epsilon pluto: "l2tp-cert" 220.127.116.11 #1: no crl from issuer "O=avl, OU=Organizational CA" found (strict=no)
> Feb 16 11:48:38 epsilon pluto: | subject: 'O=avl, OU=Organizational CA'
> Feb 16 11:48:38 epsilon pluto: | issuer: 'O=avl, OU=Organizational CA'
There is no CN= in your CA certs?
More information about the Users