[Swan] Certificate confusion (fwd)

Paul Wouters paul at nohats.ca
Fri May 29 16:11:59 EEST 2015


---------- Forwarded message ----------
Date: Thu, 28 May 2015 12:32:30
From: John Crisp <jcrisp at safeandsoundit.co.uk>
To: Paul Wouters <paul at nohats.ca>
Subject: LibreSwan list


Certificate confusion

Hi,

I'm trying to move from using PSK authent to certificates.

Have read the Libreswan/NSS howto but seem to be tripping up somewhere.
Certificate hell :-)

I have an Endian test box that I want to connect to Libreswan. Libreswan
is in 'add' (receive only) mode currently. It is currently behind
another router for testing. ipsec with PSK works OK.

It seems that Libreswan cannot find the correct certificate

>From secure.log

"HomeToVoip" #1: no suitable connection for peer 'C=IT, O=efw,
CN=192.168.200.11'

Quite frankly, having tried so many combinations I am not sure what is
what any more !


IP of Endian 192.168.201.11
IP of ADSL router 192.168.201.1
WAN IP of router 1.2.3.4
IP of Libreswan 5.6.7.8

(Note that I have two WAN links and the original cert in Endian was
generated during install when it only had one WAN interface up with an
IP of 192.168.200.11 - this WAN link is not used for VPNs)


>From the Howto I did :


ipsec initnss

# Generate CA

certutil -S -k rsa -n "TestBox" -s "CN=Test-Box-CA" -v 12 -t "C,C,C" -x
-d /etc/ipsec.d


# Generate a cert

certutil -S -k rsa -c "TestBox" -n "Endian" -s "CN=Endian-Cert" -v 12 -t
"u,u,u" -d /etc/ipsec.d


Export the cert (Endian didn't like this file)
certutil -L -n "Endian" -d /etc/ipsec.d/ -a > Endian.crt

Export the pk12 cert (Imported to Endian)
pk12util -o Endiancacert1.p12 -n Endian -d /etc/ipsec.d


Import Endiancacert into Endian

Exported all 3 certificates from Endian and imported to Libreswan
(details below)

No matter what I have tried and whatever combinations I just cannot
quite get it right and I am clearly missing something insanely simple
but cannot figure out what.

These are both test boxes so I am happy to destroy and rebuild.

Any help gratefully appreciated !

B. Rgds
John


Secure log (debug - x509):

  | processing connection HomeToVoip
  "HomeToVoip" #1: enabling possible NAT-traversal with method RFC 3947
(NAT-Traversal)
  "HomeToVoip" #1: responding to Main Mode
  "HomeToVoip" #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
  "HomeToVoip" #1: STATE_MAIN_R1: sent MR1, expecting MI2
  | processing connection HomeToVoip
  "HomeToVoip" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal)
sender port 500: peer behind NAT
  | processing connection HomeToVoip
  "HomeToVoip" #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
  "HomeToVoip" #1: STATE_MAIN_R2: sent MR2, expecting MI3
  | processing connection HomeToVoip
  | processing connection HomeToVoip
  "HomeToVoip" #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=IT, O=efw,
CN=192.168.200.11'
  |   trusted_ca called with a=C=IT, O=efw, CN=efw CA b=(empty)
  |   trusted_ca called with a=C=IT, O=efw, CN=efw CA b=C=IT, O=efw,
CN=efw CA
  "HomeToVoip" #1: no suitable connection for peer 'C=IT, O=efw,
CN=192.168.200.11'
  "HomeToVoip" #1: sending encrypted notification INVALID_ID_INFORMATION
to 1.2.3.4:500


conn HomeToVoip
     authby=rsasig
     leftid=%fromcert
     leftcert=192.168.200.11
     leftrsasigkey=%cert
     auto=add
     type=tunnel
     ikelifetime=28800s
     salifetime=28800s
     pfs=yes
     left=%defaultroute
     leftsourceip=192.168.97.1
     leftsubnet=192.168.97.0/24
     rightsubnet=192.168.10.0/24
     right=1.2.3.4
     rightrsasigkey=%cert
     leftsendcert=always
     leftrsasigkey2=EFW-main

# HomeToVoip is enabled
# Left Right : Key/type
5.6.7.8 1.2.3.4 : RSA "EFW-main"
5.6.7.8 192.168.200.11 : RSA "EFW-main"
5.6.7.8 192.168.201.11 : RSA "EFW-main"

5.6.7.8 1.2.3.4 : RSA "Endian"
5.6.7.8 192.168.200.11 : RSA "Endian"
5.6.7.8 192.168.201.11 : RSA "Endian"

5.6.7.8 1.2.3.4 : RSA "192.168.200.11"
5.6.7.8 192.168.200.11 : RSA "192.168.200.11"
5.6.7.8 192.168.201.11 : RSA "192.168.200.11"

Certificates on Libreswan

Certificate Nickname    Trust Attributes
                         SSL,S/MIME,JAR/XPI

Endian                  u,u,u
efw CA - efw            ,,
TestBox                 Cu,Cu,Cu
EFW-main                u,u,u
192.168.200.11          Cu,Cu,Cu

Endian, EFW-Main & 192.168.200.11 come from the Endian certificates above.


Authent Certificates on Endian - exported to Libreswan

         Signature Algorithm: sha1WithRSAEncryption
         Issuer: C=IT, O=efw, CN=efw CA
         Validity
             Not Before: May 26 11:43:00 2015 GMT
             Not After : May 25 11:43:00 2025 GMT
         Subject: C=IT, O=efw, CN=192.168.200.11
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (1024 bit)
                 Modulus (1024 bit):

         Signature Algorithm: sha1WithRSAEncryption
         Issuer: C=IT, O=efw, CN=efw CA
         Validity
             Not Before: May 27 16:37:48 2015 GMT
             Not After : Feb 20 16:37:48 2018 GMT
         Subject: C=ES, ST=Home, O=Home, OU=efw, CN=EFW-main
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (1024 bit)
                 Modulus (1024 bit):

         Signature Algorithm: sha1WithRSAEncryption
         Issuer: CN=Test-Box-CA
         Validity
             Not Before: May 28 11:49:52 2015 GMT
             Not After : May 28 11:49:52 2016 GMT
         Subject: CN=Endian-Cert
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (1024 bit)
                 Modulus (1024 bit):


Certificate Authority on Endian

Certificate (Default):
     Data:
         Version: 3 (0x2)
         Serial Number: 0 (0x0)
         Signature Algorithm: sha1WithRSAEncryption
         Issuer: C=IT, O=efw, CN=efw CA
         Validity
             Not Before: May 26 11:42:59 2015 GMT
             Not After : May 25 11:42:59 2025 GMT
         Subject: C=IT, O=efw, CN=efw CA
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (2048 bit)
                 Modulus (2048 bit):

Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: -1562091915 (-0x5d1ba18b)
         Signature Algorithm: sha1WithRSAEncryption
         Issuer: CN=Test-Box-CA
         Validity
             Not Before: May 28 11:49:37 2015 GMT
             Not After : May 28 11:49:37 2016 GMT
         Subject: CN=Test-Box-CA
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (1024 bit)
                 Modulus (1024 bit):



Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: -1562099908 (-0x5d1bc0c4)
         Signature Algorithm: sha1WithRSAEncryption
         Issuer: CN=Test Box CA
         Validity
             Not Before: May 28 10:39:46 2015 GMT
             Not After : May 28 10:39:46 2016 GMT
         Subject: CN=Test Box CA
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (1024 bit)
                 Modulus (1024 bit):





Endian uses weakswan I think.

leftcert is picked automatically. rightcert can be changed in the config
- have tried all permutations.

/etc/ipsec.conf :

config setup
     cachecrls=yes
     uniqueids=yes
     charondebug="dmn 4, knl 4"

conn %default
     keyingtries=%forever
     dpddelay=30s
     dpdtimeout=120s


conn Test
     dpdaction=restart
     left=192.168.201.11
     leftnexthop=192.168.201.1
     leftsubnet=192.168.10.0/24
     right=5.6.7.8
     rightsubnet=192.168.97.0/24
     leftcert=192.168.200.11cert.pem
     rightcert=Endian-Certcert.pem
     authby=pubkey
     leftsigkey=%cert
     rightsigkey=%cert
     leftid="192.168.200.11"
     rightid="5.6.7.8"
     ikelifetime=1h
     keylife=8h

ike=aes128-sha1-modp2048,aes128-sha1-modp1536,aes128-md5-modp2048,aes128-md5-modp1536,3des-sha1-modp2048,3des-sha1-modp1536,3des-md5-modp2048,3des-md5-modp1536

esp=aes128-sha1-modp2048,aes128-sha1-modp1536,aes128-md5-modp2048,aes128-md5-modp1536,3des-sha1-modp2048,3des-sha1-modp1536,3des-md5-modp2048,3des-md5-modp1536
     auto=start
     keyexchange=ikev1

conn block
     auto=ignore
conn private
     auto=ignore
conn private-or-clear
     auto=ignore
conn clear-or-private
     auto=ignore
conn clear
     auto=ignore
conn packetdefault
     auto=ignore





More information about the Swan mailing list