Ok How can I see explicit logs related to charon startup ?
During ipsec start I did not see and errors. Regards Shyam -----Original Message----- From: Martin Willi [mailto:[email protected]] Sent: Monday, April 19, 2010 9:49 PM To: Shyamsundar Purkayastha (WT01 - Telecom Equipment) Cc: [email protected] Subject: Re: [strongSwan] Trying a basic peer to peer ipsec setup with strongswan and is failing due to some key related issue Hi, > I feel that the message : id '10.201.114.211' not confirmed by > certificate, defaulting to 'C=IN, ST=KAR, O=WT, OU=TEV, CN=211, > [email protected]' could be the culprit but unable to figure out the > reason. If you do not explicitly specify a leftid, the left parameter is used as your local identity. But your certificate does not contain such an identity as subjectAltName. As this is required, we default to the included certificate subject in this case. This actually shouldn't hurt, you can get rid of the warning by setting leftid to this identity. > ipsec.secrets > : RSA 211Key.pem "2111" > ipsec listcerts > pubkey: RSA 1024 bits If charon would have a private key for your certificate, it would indicate this with "has private key" in listcerts. Either your specified private key does not match to your certificate, or the private key failed to load. Any errors regarding private key loading during daemon startup? Regards Martin Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
