[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: VPN PGPNet Freeware and Certicates
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: VPN PGPNet Freeware and Certicates
- From: Christopher Biggs <chris_(_at_)_stallion_(_dot_)_oz_(_dot_)_au>
- Date: 30 Aug 2001 09:26:02 +1000
"SECURITY" <security_(_at_)_eds_(_dot_)_com_(_dot_)_ar> moved upon the face of the 'Net and spake thusly:
> is There any good whitepaper how to or anything else about ISAKMPD and
> PGPNet with Cert´s?
There's <http://www.allard.nu/openbsd/> (but it talks about shared secrets)
> I search and read the mailing list an i can´t find why my peer´s don´t
Examine output of isakmpd -d -DA=99.
> Seem´s like my cert´s have no public key...
How are you generating the certificates? Using OpenSSL on BSD as
your CA, or using something else?
What does "openssl x509 -text <your_certificate.crt" show?
Some IPsec clients require extra properties in a certificate that you
won't have if you follow the certificate steps in the FAQ (eg, some
clients (SafeNet?, I can't recall for sure) demand that the CA:true
property be present in the CA certficate).
| Christopher Biggs --- Stallion Technolgoies | One of the founding membata,|
| Evil Genius Division, Brisbane, Q, Australia | Society for Creative Pluri. |
| Send mail with "Subject: sendpgpkey" for my PGP public key. MIME mail OK |
\_____________________ UNIX -- To Serve And Connect _________________________/
Visit your host, monkey.org