[vpn-help] Getting message "server cert file requires password"

[Patrick OBrien]

Hi,



when I configure the shrew vpn client and attempt to connect, I aget an 
error about the cert file requiring a password. 


Here is the config that I am using, and the steps to connect:



I ported .pcf files from a cisco client to be used with the vpnc client, 
and in the process converted the server cert file to a format usable by 
openssl - the file has a .pem suffix.



vpnc has it's own way of importing .pcf files, and all worked well there.



When I tried the same approach with shrew, I went back to the original 
cisco .pcf files and imported them; that worked fine.  However, I reused 
the .pem file and this is already in a format that openssl understands.



OS: Ubuntu 9.04, 32bit



The version of shrew vpn client that I am using is 2.1.4.

The iked daemon is running

The Authentication method is Hybrid RSA + XAuth

Remote Identity type is ASN1. DN and "Use the subject in the received 
cert..." checkbox is checked.

On the Credentials tab, Server Certificate Authority File entry points 
to the .pem file I mentioned above.



When I connect, I am asked for a File Password, and Connect dialog box 
shows the following:



config loaded for site 'xxx.pcf'

attached to key daemon ...

peer configured

iskamp proposal configured

esp proposal configured

client configured

local id configured

remote id configured

server cert file requires password          <<===== this is the issue

detached from key daemon ...



I recall when setting up the vpnc conf file for the same connection, I 
had to enter an IPSec secret (as well as the IPSec gateway == hostname 
in shrew)



Any ideas on what is missing here?



Thanks,



pob



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100417/87bcaf33/attachment-0001.html>