Hi all
!
Please I need
help.
I have a freeswan
1.98b.
linux suse
8.0
using
road connection ( x509 certificate )
rsa
authentification...
but the signature
isn't accept on the linux server why ?
I have generate the
signatur a thousand times but it doesn't work.
I'm using french
docs at http://www.decaservices.com/docs/securite/vpn/freeswan.html
var/log/messages on linux server
Jul 31 11:01:51
BefundServer pluto[4212]: | Subject: 'C= xx , ST= xxxxx ,
L= xxxx , O=A xxxx ,
CN= xxxxxx , [EMAIL PROTECTED]'
Jul 31 11:01:51 BefundServer pluto[4212]: | not before : Jul 28 16:00:46 UTC 2003
Jul 31 11:01:51 BefundServer pluto[4212]: | current time: Jul 31 09:01:51 UTC 2003
Jul 31 11:01:51 BefundServer pluto[4212]: | not after : Jul 27 16:00:46 UTC 2004
Jul 31 11:01:51 BefundServer pluto[4212]: | certificate is valid
Jul 31 11:01:51 BefundServer pluto[4212]: | Issuer: 'C= xx , ST= xxxxx , L= xxxxr, O= xxxx , CN= xxxxxx , [EMAIL PROTECTED]'
Jul 31 11:01:51 BefundServer pluto[4212]: | issuer CA certificate found
Jul 31 11:01:51 BefundServer pluto[4212]: | Signature Algorithm: 'md5WithRSAEncryption'
Jul 31 11:01:51 BefundServer pluto[4212]: | digest: 31 26 5e f4 bb 34 f9 f5 ce 77 e7 eb 6c 7c 13 76
Jul 31 11:01:51 BefundServer pluto[4212]: | decrypted signature:
Jul 31 11:01:51 BefundServer pluto[4212]: | 00 43 d6 a1 bd bc fa db 55 2c 76 1d 43 23 27 c3
Jul 31 11:01:51 BefundServer pluto[4212]: | 59 04 25 1e dc 1d 25 74 c7 6e 0e 0d 05 4c f0 47
Jul 31 11:01:51 BefundServer pluto[4212]: | dc c4 af cd 86 2a 17 f0 53 76 e1 c7 ea da 59 d9
Jul 31 11:01:51 BefundServer pluto[4212]: | 65 4e e1 6b c2 56 da dc d5 3a b8 b5 1d df 33 1f
Jul 31 11:01:51 BefundServer pluto[4212]: | 6c ad b7 73 53 c1 84 5a 7e 48 66 d6 a8 c5 4b e4
Jul 31 11:01:51 BefundServer pluto[4212]: | 6f 02 43 31 22 7e de e6 21 42 c1 b7 5e 17 26 a4
Jul 31 11:01:51 BefundServer pluto[4212]: | 4b 8c 04 12 ea f7 04 69 71 4b 0f 2a f7 9d f7 42
Jul 31 11:01:51 BefundServer pluto[4212]: | dd 94 5b f8 6a 6b d9 98 1f e0 83 2f 3f d4 6e 3e
Jul 31 11:01:51 BefundServer pluto[4212]: | e0
Jul 31 11:01:51 BefundServer pluto[4212]: "traupe"[3] 195.242.99.19 #2: Certificate signature is invalid
Jul 31 11:01:51 BefundServer pluto[4212]: "traupe"[3] 195.242.99.19 #2: X.509 certificate rejected
Jul 31 11:01:51 BefundServer pluto[4212]: | not before : Jul 28 16:00:46 UTC 2003
Jul 31 11:01:51 BefundServer pluto[4212]: | current time: Jul 31 09:01:51 UTC 2003
Jul 31 11:01:51 BefundServer pluto[4212]: | not after : Jul 27 16:00:46 UTC 2004
Jul 31 11:01:51 BefundServer pluto[4212]: | certificate is valid
Jul 31 11:01:51 BefundServer pluto[4212]: | Issuer: 'C= xx , ST= xxxxx , L= xxxxr, O= xxxx , CN= xxxxxx , [EMAIL PROTECTED]'
Jul 31 11:01:51 BefundServer pluto[4212]: | issuer CA certificate found
Jul 31 11:01:51 BefundServer pluto[4212]: | Signature Algorithm: 'md5WithRSAEncryption'
Jul 31 11:01:51 BefundServer pluto[4212]: | digest: 31 26 5e f4 bb 34 f9 f5 ce 77 e7 eb 6c 7c 13 76
Jul 31 11:01:51 BefundServer pluto[4212]: | decrypted signature:
Jul 31 11:01:51 BefundServer pluto[4212]: | 00 43 d6 a1 bd bc fa db 55 2c 76 1d 43 23 27 c3
Jul 31 11:01:51 BefundServer pluto[4212]: | 59 04 25 1e dc 1d 25 74 c7 6e 0e 0d 05 4c f0 47
Jul 31 11:01:51 BefundServer pluto[4212]: | dc c4 af cd 86 2a 17 f0 53 76 e1 c7 ea da 59 d9
Jul 31 11:01:51 BefundServer pluto[4212]: | 65 4e e1 6b c2 56 da dc d5 3a b8 b5 1d df 33 1f
Jul 31 11:01:51 BefundServer pluto[4212]: | 6c ad b7 73 53 c1 84 5a 7e 48 66 d6 a8 c5 4b e4
Jul 31 11:01:51 BefundServer pluto[4212]: | 6f 02 43 31 22 7e de e6 21 42 c1 b7 5e 17 26 a4
Jul 31 11:01:51 BefundServer pluto[4212]: | 4b 8c 04 12 ea f7 04 69 71 4b 0f 2a f7 9d f7 42
Jul 31 11:01:51 BefundServer pluto[4212]: | dd 94 5b f8 6a 6b d9 98 1f e0 83 2f 3f d4 6e 3e
Jul 31 11:01:51 BefundServer pluto[4212]: | e0
Jul 31 11:01:51 BefundServer pluto[4212]: "traupe"[3] 195.242.99.19 #2: Certificate signature is invalid
Jul 31 11:01:51 BefundServer pluto[4212]: "traupe"[3] 195.242.99.19 #2: X.509 certificate rejected
Thank
Thomas
WOLFF.
