[vpn-help] -12 against ipsec-tools 0.6.6
Matthew Grooms
mgrooms at shrew.net
Mon Jul 24 16:02:03 CDT 2006
Peter Eisch wrote:
> ...
> What certificate creation process is needed to get happy certs? I'm signing
> with "-policy policy_anything"
>
> Ideas?
>
Peter,
Using Hybrid RSA Authentication requires that you create a single set
of RSA credentials. Mutual authentication requires that you create two
sets of credentials. One for the server and one for the client(s). Were
you able to find the sample instructions outlined in the online
documentation? It shows an example on how to create the ca and private
key file using openssl.
http://www.shrew.net/vpn/help/genertaingrsacredentials.htm
Afterwards, you would specify the certificate type, gateway certificate
and private key in the racoon.conf file as shown in the sample racoon
configuration file also in the documentation.
http://www.shrew.net/vpn/help/exampleracoonconffile.htm
The client software requires needs access to the ca.crt which contains
the public key value used to authenticate the server.
Hope this helps. If you have any further questions, please don't
hesitate to ask.
-Matthew
More information about the vpn-help
mailing list