[Openswan Users] Using x.509 certificates without CA - INVALID_KEY_INFORMATION
elison.niven at gmail.com
elison.niven at gmail.com
Tue May 17 08:23:18 EDT 2011
Hi Paul,
Thanks a lot, it worked !
Regards,
Elison
On Tue, May 17, 2011 at 5:08 AM, Paul Wouters <paul at xelerance.com> wrote:
> On Sat, 14 May 2011, elison.niven at gmail.com wrote:
>
>> ipsec.conf on both machines is similar :
>> conn temp
>> left=....
>> right=.....
>> leftcert=west.cert
>> rightcert=east.cert
>> auto=add
>
>> The error I am getting on giving ipsec auto --up temp is
>> INVALID_KEY_INFORMATION.
>
> leftid=%fromcert
> rightid=%fromcert
>
> Note that if not using CAs, you are better of just using raw RSA keys
> instead of X.509 certs.
>
> Paul
>
More information about the Users
mailing list