LinuxQuestions.org
Old 04-29-2008, 07:48 AM   #1
norbert74
openswan on sles: invalid_id_information


I would like to establish an ipsec connection with openswan on two SLES VMware images (end-to-end, with certificates).
Whatever I try I always get the following errors in the logs:

...
unable to locate my private key for RSA signature
...
...
Main mode peer ID is ID_DER_ASN1_DN: 'C=...'
no crl from issuer "C=..."
no suitable connection for peer 'C=...'
sending encrypted notification INVALID_ID_INFORMATION to ...


The ipsec.conf:

config setup
    plutowait=yes

conn %default
    leftrsasigkey=%cert
    rightrsasigkey=%cert

include /etc/ipsec.d/examples/no_oe.conf

conn A-B
    left=192.168.124.50
    leftid="C=DE, ... , CN=A.mydomain.com"
    leftsubnet=
    leftnexthop=%direct
    right=192.168.124.56
    rightid="C=De, ... , CN=B.mydomain.com"
    rightcert=/etc/ipsec.d/certs/B_cert.pem
    rightsubnet=
    rightnexthop=%direct
    auto=start


I copied the private keys of the certificates on each server to
/etc/ipsec.d/private/

I verified that the data inserted in ipsec.conf for "leftid" and "rightid"
is identical to the content of the subjects of the server certificates.

Does anyone have an idea how to solve this?
 
Old 04-30-2008, 10:29 AM   #2
norbert74
In the end reinstalling the OS on the VMware images helped. I don't know what the reason was, but then it all worked.
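
Both log messages in the first post rest on things that can be checked before pluto starts: in Openswan the local end names its certificate with leftcert/rightcert and its private key is loaded through an ": RSA" entry in ipsec.secrets, and leftid/rightid have to agree with the certificate subjects. The linter below is an added example, not code from this thread or from Openswan; the function names, the "O=Example" filler in the DNs and the sample file contents are constructed, and it assumes the subject DNs were read from the certificates beforehand.

```python
import re

def parse_conn(conf_text, name):
    """Collect the key=value options of one 'conn <name>' section."""
    opts, active = {}, False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        header = re.match(r"(conn|config)\s+(\S+)$", line)
        if header:
            active = header.group(1) == "conn" and header.group(2) == name
        elif active and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip().strip('"')
    return opts

def norm_dn(dn):
    """Split a DN on commas and trim each part (escaped commas not handled)."""
    return [part.strip() for part in dn.split(",") if part.strip()]

def check(conf_text, secrets_text, conn, local, subjects):
    """Return findings; subjects maps 'left'/'right' to each cert's subject DN."""
    opts, findings = parse_conn(conf_text, conn), []
    if local + "cert" not in opts:
        findings.append(f"{local}cert is not set: no local certificate is named")
    if not re.search(r"^[^#\n]*:[ \t]*RSA\b", secrets_text, re.M):
        findings.append("ipsec.secrets has no ': RSA <keyfile>' entry")
    for side in ("left", "right"):
        conf_id, subject = norm_dn(opts.get(side + "id", "")), norm_dn(subjects[side])
        if conf_id == subject:
            continue
        case_only = [p.lower() for p in conf_id] == [p.lower() for p in subject]
        detail = "differs only in letter case from" if case_only else "does not match"
        findings.append(f"{side}id {detail} the certificate subject")
    return findings

# Constructed sample input; "O=Example" stands in for the parts elided in the post.
CONF = """
conn A-B
    left=192.168.124.50
    leftid="C=DE, O=Example, CN=A.mydomain.com"
    right=192.168.124.56
    rightid="C=De, O=Example, CN=B.mydomain.com"
    rightcert=/etc/ipsec.d/certs/B_cert.pem
    auto=start
"""
SECRETS = "# constructed: no key entries\n"
SUBJECTS = {"left": "C=DE, O=Example, CN=A.mydomain.com",
            "right": "C=DE, O=Example, CN=B.mydomain.com"}

if __name__ == "__main__":
    for finding in check(CONF, SECRETS, "A-B", "left", SUBJECTS):
        print("WARN:", finding)
```

The case-only finding is reported separately because whether a given pluto build tolerates it is not something this script knows; it only shows where the configured ID and the certificate subject stop being byte-identical.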
 
  

