[Openswan Users] Using x.509 certificates without CA - INVALID_KEY_INFORMATION

Paul Wouters paul at xelerance.com
Mon May 16 19:38:40 EDT 2011

On Sat, 14 May 2011, elison.niven at gmail.com wrote:

> ipsec.conf on both machines is similar :
> conn temp
>    left=....
>    right=.....
>    leftcert=west.cert
>    rightcert=east.cert
>    auto=add

> The error I am getting on giving ipsec auto --up temp is


Note that if not using CAs, you are better of just using raw RSA keys
instead of X.509 certs.


More information about the Users mailing list