[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Re: FreeSWAN: Win2k ok, XP fails [SOLVED]



Hello,

my comments / questions are inside :
I have the same problems with SuSE 9.1 / Freeswan 2.04 and Win XP Prof Clients (SP1)

Stefan-Michael. Günther (in-put GbR) schrieb:

Hi,

it's always a good idea to solve your own problems.

Here's the small list of things I made wrong and which obviously made the difference between win2k and win xp as a FreeSWAN-Client:

1. The time of validity for the client certificate should be between the validity of the certificate of the CA.

this is obvious :-) , otherwise it wouldn't be a valid certificate !


2. Don't use strange characters like '&'  in the DN.

can anybody confirm this ? My DN contains a '&', who thought this might be a problem ?


3. The DN of the CA must be different from the DN of the gateway.

OK, I learned this before, too.


Hope this prevents someone to waste hours like I did.

I wasted them already ... but I think I got a clue now.


Bye,

Stefan



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here