A FreeS/WAN gateway must store only its own certificate locally.
The peer certificate is received as part of the IKE main mode
protocol. This somehow was not the case with your configuration.
Regards
Andreas
Marc Tinnemeyer wrote:
> On Sat, 27 Jul 2002 00:29:43 +0200
> Andreas Steffen <andreas.steffen_at_strongsec.net> wrote:
>
>
>>The initiator does not send its certificate mtinnemeyer_cert.pem
>>to the responder. Could it be that you mixed up leftcert and
>>rightcert? Could you send me the ipsec.conf of the initiator?
>>
>>Regards
>>
>>Andreas
>
>
> again an error caused by my lack of knowledge, I forgot to put the
> corresponding certificates onto the gateway. As far as I understand it
> it is necessary to keep a copy of them on the gateway, I first thought
> it runs without them.
>
> thank's a lot for your reply
>
> greetings
>
> Marc
-- ====================================================================== Andreas Steffen e-mail: andreas.steffen_at_strongsec.com strongSec GmbH phone: +41 76 340 25 56 Alter Zürichweg 20 home: http://www.strongsec.com CH-8952 Schlieren (Switzerland) ==========================================[strong internet security]==_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:28 CEST