Hello misc, how are you? I've got this scenario:
A ikev2 passive server in France that got: A CA A server certificate for tls server And a client certificate for tls client I export the CA in PEM format and put it on /etc/iked/ca Next I export the private key and the certificate and put it on: /etc/iked/private/client.key And the certificate I put it on /etc/iked/pubkeys/ufqdn I also export the PEM of the server and put it on /etc/iked/certs Next on iked.conf I use src-id with the email CN that I've got configured. I cannot connect to my server with openiked but with the exactly the same configuration on a strongswan client it works. Any suggestions? Kind regards RG -- Name: Riccardo Giuntoli Email: tag...@gmail.com Location: sant Pere de Ribes, BCN, Spain PGP Key: 0x67123739 PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 Key server: hkp://wwwkeys.eu.pgp.net