All, I just got strongswan installed on my debian squeeze box this evening. everything seems to be going smoothly (eg I'm behind a nat that _actually_ forwards esp packets) until I try to connect. My iphone gives me "Could not validate the server certificate".
I'm using the IPSec configuration (no l2tp) with my own CA. So, I've tries a bunch of different flavors of "openssl pkcs12 -export ..." to generate a .p12 of my ca. No matter what I do, I get "The container "Identity Certificate" must contain only one certificate and its private key." Is apple really that daft as to require the CA's _private_ key? No, I'm probably missing something. Any pointers? I think I reached the end of both duckduckgo and google... thx, Jason. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
