Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.freeswan.org > users > 03 > 041848.html (Request Expert lists.freeswan.org Support)

Re: [Users] no RSA public key

From: Andreas Steffen <andreas.steffen(at)strongsec.net>
Date: Tue Apr 15 2003 - 09:36:18 EDT

You seem to use an extremely old version of the X.509 patch, i.e. older than 0.9.11. The CHANGES files says:

Version 0.9.11

  • When multi-tier X.509 hierarchical trust chains are used, Windows XP sends its certificate plus any intermediate CA certificates wrapped in a PKCS#7 signedData structure. Pluto is now able to parse received certificates of type CERT_PKCS7_WRAPPED_X509. In a first step all intermediate CA certificates are added to the chained list of cacerts rejecting self-signed root CA certificates. In a second step the host or user certificate contained in the PKCS#7 structure is verified along the trust chain up to the self-signed root CA certificate which must be present in /etc/ipsec.d/cacerts and which is loaded statically when Pluto starts up.

So please upgrade to a newer version of the X.509 patch

Andreas

Róta Szabolcs wrote:
> Dear All, 

Andreas Steffen                   e-mail: andreas.steffen@strongsec.com
strongSec GmbH                    home:   
http://www.strongsec.com
Alter Zürichweg 20                phone:  +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65 
==========================================[strong internet security]===

Content Security by MailMarshal


Users mailing list
Users@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users Received on Tue Apr 15 23:08:17 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:01:19 EDT

Do you need help?X
Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library