Issue #3487: pkcs12 failed - No certificate matches private key - strongSwan

Issue #3487

pkcs12 failed - No certificate matches private key

Added by Tom Hsiung about 5 years ago. Updated almost 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Tobias Brunner

Category:

configuration

Affected version:

5.8.4

Resolution:

No feedback

Description

Hello,

Last week I tried to set up a new strongswan server on my Google Cloud VMs. But during the public key set up, I encountered a strange issue.

openssl pkcs12 -export -inkey /etc/ipsec.d/private/1/c.pem -in /etc/ipsec.d/certs/1/cpb.pem -name "client p12" -certfile /etc/ipsec.d/cacerts/1/cac.pem -caname “Strongswan” -out /etc/ipsec.d/certs/1/cpb.p12

I got this error

No certificate matches private key

I am pretty sure I had set up all public and private keys with the option of

--outform pem

Not only I tried new Ubuntu 20.04 TLS fresh new image, but also 18.04 TLS fresh image. Same issue.

Tom

History

#1 Updated by Tobias Brunner about 5 years ago

Status changed from New to Feedback

Without actual files we can only guess it's a user error (i.e. the private key simply does not match the certificate).

#2 Updated by Tobias Brunner almost 5 years ago

Category set to configuration
Status changed from Feedback to Closed
Assignee set to Tobias Brunner
Resolution set to No feedback

Project

General

Profile

strongSwan

Issues

Issue #3487

pkcs12 failed - No certificate matches private key

History

#1 Updated by Tobias Brunner about 5 years ago

#2 Updated by Tobias Brunner almost 5 years ago