[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Re: FreeSWAN: Win2k ok, XP fails [SOLVED]


my comments / questions are inside :
I have the same problems with SuSE 9.1 / Freeswan 2.04 and Win XP Prof Clients (SP1)

Stefan-Michael. Günther (in-put GbR) schrieb:


it's always a good idea to solve your own problems.

Here's the small list of things I made wrong and which obviously made the difference between win2k and win xp as a FreeSWAN-Client:

1. The time of validity for the client certificate should be between the validity of the certificate of the CA.

this is obvious :-) , otherwise it wouldn't be a valid certificate !

2. Don't use strange characters like '&'  in the DN.

can anybody confirm this ? My DN contains a '&', who thought this might be a problem ?

3. The DN of the CA must be different from the DN of the gateway.

OK, I learned this before, too.

Hope this prevents someone to waste hours like I did.

I wasted them already ... but I think I got a clue now.



Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here