[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPSec WinXP interop

On Fri, Dec 26, 2003 at 12:18:24AM +0000, Antony Gelberg wrote:
> Dec 26 00:09:44 mailhost Pluto[4416]:   loaded private key file
> '/etc/ipsec.d/private/mailhostKey.pem' (1751 bytes)
> Dec 26 00:09:44 mailhost Pluto[4416]:   file coded in unknown format,
> discarded
> Dec 26 00:09:44 mailhost Pluto[4416]: "/etc/ipsec.secrets" line 1: error
> loading RSA private key file

  That looks nasty. You better sort that out first. Perhaps you can find
some test certificates online and try with them. My private key file
looks like this:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: ...

some lines with encrypted key

-----END RSA PRIVATE KEY-----

> mailhost:~# cat /etc/ipsec.secrets
> : RSA /etc/ipsec.d/private/mailhostKey.pem "xxx"

  My ipsec.secrets looks similar...

> Note that the xxx is really the "export password" that I gave when I
> generated the key.

  Try doing 'openssl des -d -in mailhostKey.pem' to see if that xxx
really works.

> I guess that the "no suitable connection" is because of the above
> problem?

  Perhaps... First get that private key working and then try again.

  Valentin
Reply to: