[Swan] Certificate confusion (fwd)

Paul Wouters paul at nohats.ca
Sun May 31 18:34:16 EEST 2015 

On Sun, 31 May 2015, John Crisp wrote:

> Thank you for your kind responses. Paul, if I can sort this out I will
> take you up on wiki access to do a page for numpties like me :-)

Good :)

> I think the first thing I need to get straight in my head, and where I
> am probably tripping up, is the use of certificates themselves.
>
> I can see that they can be generated on LibreSwan, and that Endian can
> create them too.
>
> It seem that both ends can be a CA, and therefore issue certificates.

You need to have 1 CA, who is the Certificate Authority. That is the
only entity both servers should trust. This entity can live anywhere -
usually not on either VPN endpoint but a more secure (or even offline)
machine. opensource tools for this are "xca" or "tinyca2" if you run a
linux GUI desktop.

> I can see that both can generate a PKCS12 .p12 which I believe contains
> both the public and private key.

A PKCS#12 usually includes:
- The end entity public certificate (eg vpn.example.com)
- The private key belonging to vpn.example.com's certificate
- The public certificate of the CA (eg "Example CA") that signed the client
- Optionally, any intermediate CA's needed for the full path from CA
   that signed the client to a known root CA (mostly used for TLS, less
   so for IPsec)

So you should give each end its own PKCS#12 file. So each end has their
set. Since it contains the CA cert, each end can validate the remote
peer, and each end can authenticate itself with their own private key.
Neither end can pretend to be the other, since they don't have each
other's private key.

> Now, I had wanted LibreSwan to be just in 'receive' mode - e.g. auto=add
> with the Endian box making the connection.

For the certificates that does not really matter.

> Can someone please explain to me which bit of which cert should go where
> please ?

For libreswan, use "ipsec import /path/to/file.12". Test your results
with: certutl -L -d /etc/ipsec.d

(or with git code or 3.14+ version: certutl -L -d sql:/etc/ipsec.d )

for Endian, which i think is strongswan based? You will prob need to
extract the p12 file into the cacert.pem, client.pem and client.key and
place these in /etc/ipsec.d/cacerts /etc/ipsec.d/certs and
/etc/ipsec.d/private

you will need several commands to extract this content from the p12
file.

> Do both ends need both public and private parts of the same key, or do
> they both generate their own private key and then exchange just the
> public pem with each other ?

Each has its own set.

> If so then how do I import the pem part only into Libreswan (I could add
> the whole .p12 cert from Endian but I believe that really the private
> key should not leave that box ?)

Make sure you have left/rightsendcert=always on libreswan. That will
send the certificate over IKE, which is all you need. No special
importing is needed beyond the initial import/configuration of the
endpoints with their own pkcs#12 set.

> I tried to export the pem part from Endian and import to Libre Swan as
> follows but it errored
>
> [root at test certs]# ipsec import Endian.pem

You cannot import a non-pkcs#12 that way. But you do not need to do
that.

Paul

More information about the Swan mailing list