The RDN specifies C=FR, but I don't know if I have to do something more to precise the encoding. Am I supposed to change it at the creation of the x509, of the p12 or after ?
Moreover, I noticed that the Common Name is used as an unique identifier for the certificate ? Is it possible to use it for leftid ? Regards 2015-05-12 21:15 GMT+02:00 Volker Rümelin <[email protected]>: > Hi Jacques, > > After reading your explanations, I tried : >> >> 1) >> leftid="C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org, E= >> [email protected] <mailto:[email protected]>" >> I get : no private key found for 'C=FR, ST=R??gion Parisienne, L=Paris, >> OU=Org, CN=1.Org, [email protected] <mailto: >> [email protected]>' >> >> > I see ?? as replacement for é in the log output. This suggests your > ipsec.conf encoding is UTF-8. > > For example my certificate subjet is : >> C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org, E= >> [email protected] <mailto:[email protected]> >> but when I do ipsec listall I have : >> C=FR, ST=R?gion Parisienne, L=Paris, OU=Org, CN=1.Org, E= >> [email protected] <mailto:[email protected]> >> >> > Here you have only one ?. The encoding is definitely not UTF-8. Change the > RDN in your certificate to UTF8String and I expect your leftid subject will > match. > > Regards, > Volker >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
