Thanks for a quick reply Andreas. It able to read secret as shown below but does not list it.
There is nothing in /var/log/messages related to listing secrets plm56:~/abhishek # ipsec rereadsecrets plm56:~/abhishek # plm56:~/abhishek # tail /var/log/messages Mar 25 05:00:03 plm56 su: (to nobody) root on none Mar 25 05:00:03 plm56 su: pam_unix_session(su:session): session opened for user nobody by (uid=0) Mar 25 05:00:03 plm56 su: pam_unix_session(su:session): session closed for user nobody Mar 25 05:00:03 plm56 su: (to nobody) root on none Mar 25 05:00:03 plm56 su: pam_unix_session(su:session): session opened for user nobody by (uid=0) Mar 25 05:00:17 plm56 su: pam_unix_session(su:session): session closed for user nobody Mar 25 05:00:18 plm56 /usr/sbin/cron[4251]: pam_unix_session(crond:session): session closed for user root Mar 25 05:11:37 plm56 charon: 16[CFG] rereading secrets Mar 25 05:11:37 plm56 charon: 16[CFG] loading secrets from '/etc/ipsec.secrets' Mar 25 05:11:37 plm56 charon: 16[CFG] loaded private key file '/etc/ipsec.d/private/newkey.pem' plm56:~/abhishek # On Wed, Mar 24, 2010 at 7:07 PM, Andreas Steffen <andreas.stef...@strongswan.org> wrote: > Execute > > ipsec rereadsecrets > > and look for error messages in the log. It might be that your passphrase > is not correct. > > ipsec listcerts > > should show your certificate with the comment > > .., has private key > > Best regards > > Andreas > > On 24.03.2010 14:01, Abbhishek Misra wrote: >> Hello All, >> >> I'm trying to setup host2host-cert example but very basic steps are >> not going through. >> >> >> plm56:~/abhishek # ipsec up host-host >> initiating IKE_SA host-host[1] to 9.182.176.61 >> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP) ] >> sending packet: from 9.182.176.56[500] to 9.182.176.61[500] >> received packet: from 9.182.176.61[500] to 9.182.176.56[500] >> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP) >> N(MULT_AUTH) ] >> no private key found for 'plm56.in.ibm.com' >> plm56:~/abhishek # >> >> >> I have used all conf files as mentioned in the example >> >> ipsec listcerts is not showing my certificates that i generated using >> this doc http://www.ipsec-howto.org/x595.html >> >> This is how my secrets file looks >> >> plm56:~/abhishek # cat /etc/ipsec.secrets >> # /etc/ipsec.secrets - strongSwan IPsec secrets file >> : RSA newkey.pem "abhishek" >> >> >> following is my dir listing http://pastebin.com/PZUgn6zQ >> >> this is my /etc/ssl/openssl.cnf http://pastebin.com/w3v2zymm >> >> i have gone through >> https://lists.strongswan.org/pipermail/users/2009-August/003771.html >> and verified modulus for newcert.pem and newkey.pem >> >> Please take a look at these and let me know what more should I do to >> get through. >> >> >> regards >> Abhishek Misra > > ====================================================================== > Andreas Steffen andreas.stef...@strongswan.org > strongSwan - the Linux VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== > > _______________________________________________ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users