Hello All, Andres, I did a fresh start and got stuck at "could not parse loaded certificate file '/etc/ipsec.d/cacerts/cacert.pem'"
I used openssl instead of CA.sh openssl req -x509 -newkey rsa:2048 -keyout private/cakey.pem -out cacerts/cacert.pem openssl req -newkey rsa:2048 -keyout private/maikaKey.pem -out reqs/maikaReq.pem openssl ca -in reqs/maikaReq.pem -out certs/maikaCert.pem -cert /etc/ipsec.d/cacerts/cacert.pem following are messages when i reread ca certificates Mar 29 16:57:25 plm61 charon: 12[CFG] rereading ca certificates from '/etc/ipsec.d/cacerts' Mar 29 16:57:25 plm61 charon: 12[LIB] failed to create a builder for credential type CRED_PUBLIC_KEY, subtype (0) Mar 29 16:57:25 plm61 charon: 12[LIB] could not parse loaded certificate file '/etc/ipsec.d/cacerts/cacert.pem' Mar 29 16:57:25 plm61 charon: 12[LIB] failed to create a builder for credential type CRED_CERTIFICATE, subtype (1) I fixed openssl.cnf as suggested here is my /etc/ssl/openssl.cnf http://pastebin.com/DeUdKNfx secrets files looks like this cat /etc/ipsec.secrets # /etc/ipsec.secrets - strongSwan IPsec secrets file : RSA maikaKey.pem "password" : RSA cakey.pem "password" this is my /etc/ipsec.conf http://pastebin.com/VPcG7iVR i used all reread commands and ipsec restart on ipsec restart i get following Mar 29 17:23:16 plm61 ipsec_starter[5687]: charon (5688) started after 20 ms Mar 29 17:23:16 plm61 charon: 03[CFG] received stroke: add connection 'host-host' Mar 29 17:23:16 plm61 charon: 03[LIB] failed to create a builder for credential type CRED_PUBLIC_KEY, subtype (0) Mar 29 17:23:16 plm61 charon: 03[LIB] could not parse loaded certificate file '/etc/ipsec.d/certs/maikaCert.pem' Mar 29 17:23:16 plm61 charon: 03[LIB] failed to create a builder for credential type CRED_CERTIFICATE, subtype (1) Mar 29 17:23:16 plm61 charon: 03[CFG] added configuration 'host-host' regards Abhishek _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users