[Swan] host-to-host config fails with Can't find the certificate or private key

Alex mysqlstudent at gmail.com
Tue Oct 9 02:37:07 UTC 2018


I don't understand this error:

Oct  8 22:30:01.939114: "oriontun" #3: IKEv2 mode peer ID is ID_FQDN: '@arcade-orion'
Oct  8 22:30:01.939222: "oriontun" #3: Signature check (on @arcade-orion) failed (wrong key?); tried *AwEAAePbb
Oct  8 22:30:01.939234: "oriontun" #3: Digital Signature authentication failed
Oct  8 22:30:01.939262: "oriontun" #3: responding to AUTH message (ID 1) from 107.155.66.2:500 with encrypted notification AUTHENTICATION_FAILED

This is from the left host, orion. The key that it tried is the pub
key from the right host, arcade. Why would it fail a signature check?

It seems to indicate that it's the wrong key, but that's the public
key from the keypair generated on the other side. It passes on the
other side:

# ipsec showhostkey --right --rsaid AwEAAePbb
        # rsakey AwEAAePbb
rightrsasigkey=0sAwEAAePbbigzEO59FKqpM3frTLK4yry7xtEJN2J+A8rrb2e5reVu28IawJ/IOROx7XeGJkOz0bMX6zUF+ojYz0OPfJWpNfMBdl92NTU6/epO0h9/slKgn2G4hVK6bb1UOrcfo...

I have worked on this all day and all night for more than three days
and just have no idea why it's failing here.
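
Added example, not part of the original post and not libreswan code: the ID in the log and in --rsaid is only the first nine base64 characters of the key (compare it with the start of the rightrsasigkey line above), so equal IDs do not by themselves show that the full keys on both hosts are equal. The sketch below decodes two complete rsasigkey values and compares exponent and modulus; it assumes the value is "0s" followed by a base64 RFC 3110 RSA public key blob, and the function names and sample keys are constructed for illustration.

```python
import base64
import hashlib

def encode_rsasigkey(e: int, n: int) -> str:
    """Build a 0s-prefixed base64 RFC 3110 blob; used only to make sample data."""
    eb = e.to_bytes((e.bit_length() + 7) // 8, "big")
    nb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([len(eb)]) if len(eb) < 256 else b"\x00" + len(eb).to_bytes(2, "big")
    return "0s" + base64.b64encode(head + eb + nb).decode()

def parse_rsasigkey(value: str):
    """Return (exponent, modulus, sha256 hex of the blob) for a complete key value."""
    value = value.strip()
    if not value.startswith("0s"):
        raise ValueError("expected the 0s (base64) prefix")
    if value.endswith("..."):
        raise ValueError("key is truncated; copy the whole line")
    blob = base64.b64decode(value[2:], validate=True)
    if len(blob) < 3:
        raise ValueError("blob too short")
    # RFC 3110: one exponent-length byte, or 0x00 followed by a two-byte length.
    if blob[0]:
        elen, off = blob[0], 1
    else:
        elen, off = int.from_bytes(blob[1:3], "big"), 3
    if elen == 0 or len(blob) <= off + elen:
        raise ValueError("blob too short for its exponent length")
    e = int.from_bytes(blob[off:off + elen], "big")
    n = int.from_bytes(blob[off + elen:], "big")
    return e, n, hashlib.sha256(blob).hexdigest()

def short_id(value: str) -> str:
    """The 9-character ID, as it appears in the log line and in --rsaid."""
    return value.strip()[2:11]

def compare(configured: str, peer_actual: str):
    """Return (short IDs equal, full exponent and modulus equal)."""
    ids_equal = short_id(configured) == short_id(peer_actual)
    keys_equal = parse_rsasigkey(configured)[:2] == parse_rsasigkey(peer_actual)[:2]
    return ids_equal, keys_equal

# Constructed sample moduli (not real keys): same leading bytes, different tails.
N_A = (0xE3DB6E << 1000) | 0x1234567
N_B = (0xE3DB6E << 1000) | 0x7654321
KEY_A = encode_rsasigkey(65537, N_A)
KEY_B = encode_rsasigkey(65537, N_B)

if __name__ == "__main__":
    print(short_id(KEY_A), short_id(KEY_B), compare(KEY_A, KEY_B))
```

Feed it the full rsasigkey value from each host's configuration and from showhostkey on the host that owns the key; the SHA-256 of the blob is a convenient value to compare across hosts.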

