So.. finally I made it working.
Files to copy:
/etc/iked/ca/ca.crt
/etc/iked/certs/1.2.3.4.crt
/etc/iked/crls/ca.crl
/etc/ssl/vpn/*
/etc/iked/local.pub
/etc/iked/private/local.key
> > If you change the hostname then yes you'll need to a certificate with the
> > new hostname, but then of course
My new box has the same /etc/myname.
I copied:
/etc/iked/ca/ca.crt
/etc/iked/certs/1.2.3.4.crt
/etc/iked/crls/ca.crl
/etc/ssl/vpn/*
What did I do wrong/miss?
Windows shows error 13826: Failed to verify signature.
On Sun, 10 Nov 2019 13:30:24 - (UTC)
Stuart Henderson wrote:
> On
On 2019-11-10, Radek wrote:
> Hi Stuart,
> I have played around with copying them across but no luck (I get error 13801
> in win7). I don't know what I'm doing wrong.
>
> Do I need to set the same hostname (/etc/myname) in new box to make old certs
> working?
>
> In my *old* box certs were
Hi Stuart,
I have played around with copying them across but no luck (I get error 13801 in
win7). I don't know what I'm doing wrong.
Do I need to set the same hostname (/etc/myname) in new box to make old certs
working?
In my *old* box certs were created as below:
[1]ikectl ca vpn create #(CN
On 2019-11-08, radek wrote:
> Hello,
>
> I'm going to replace 6.5 router with new 6.6 box. Is it necessary to generate
> new iked certificates in every new installation or there is a way to move and
> use "old" certificates in new install? Road warriors would be happy with that.
>
> Thank you
Hello,
I'm going to replace 6.5 router with new 6.6 box. Is it necessary to generate
new iked certificates in every new installation or there is a way to move and
use "old" certificates in new install? Road warriors would be happy with that.
Thank you for guiding me on this journey.
--
6 matches
Mail list logo
