0
I have set-up Strongswan on a Ubuntu 14.04 server from the official package repo with IKEv2 and rightauth=eap-tls using our PKI infrastructure. I can connect just fine from Android and Linux but not from Windows. I have installed my personal certificate in the certificate store but when trying to connect it throws this error in the image. I have also attached my certificate (without the private key obviously).
-----BEGIN CERTIFICATE----- MIIG/zCCBeegAwIBAgIIGxrsXmzNusMwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNVBAYTAkdSMUQw QgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENlcnQu IEF1dGhvcml0eTE7MDkGA1UEAxMyQXJpc3RvdGxlIFVuaXZlcnNpdHkgb2YgVGhlc3NhbG9uaWtp IENlbnRyYWwgQ0EgUjQwHhcNMTQwNzAxMDAwMDAwWhcNMTUxMTEyMTk0NDIzWjCB1TELMAkGA1UE BhMCR1IxLTArBgNVBAoMJEFyaXN0b3RsZSBVbml2ZXJzaXR5IG9mIFRoZXNzYWxvbmlraTESMBAG A1UECwwJSVQgQ2VudGVyMUEwPwYDVQQLDDhDbGFzcyBCIC0gUHJpdmF0ZSBLZXkgY3JlYXRlZCBh bmQgc3RvcmVkIGluIHNvZnR3YXJlIENTUDEaMBgGA1UEAwwRVnlyb25hcyBUc2luZ2FyYXMxJDAi BgkqhkiG9w0BCQEWFXZ0c2luZ2FyYXNAaXQuYXV0aC5ncjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANBcam+lRy1LhEe4wr+ZVHi7kA7X4YjQWzqFyEU9HPWLLgiS3OOBvQmjcZsJWXpE vH/AhAdYmkOgwKb+6adiYQRifHDZ9/dLOWGS5zZ+NYeYOAlFLVBx2HtG0CpO7CZ8W6kFstgKSPm1 qMcIjwT3mk240NneW7SGTv4fcMaqEsqA39Vq2nAmOESh6XBuuc8LnYVASNlwgLJ2pi0jDjqmHwLF mAfH8tjqemp39YnprqUY9K3/+xduWfCk83AEgjGsnFP5l3y/m6WTtx+aeDqUVUSS6c4hexL5lSdZ 2zkkDUYUi37B+L0lo2eQIi0T7FimxDm74WIhfFR+JpRJETbesqkCAwEAAaOCAxQwggMQMAsGA1Ud DwQEAwIF4DApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcUAgIwKQYJKwYB BAGCNxQCBBweGgBTAG0AYQByAHQAYwBhAHIAZABVAHMAZQByMB0GA1UdDgQWBBSPAHZsX8uXsnUG iZ/GaLltW29DrzAfBgNVHSMEGDAWgBT1kxdKHXO2f38gsqUUlFdyGTM20jBxBggrBgEFBQcBAQRl MGMwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnBraS5hdXRoLmdyMDwGCCsGAQUFBzAChjBodHRw Oi8vd3d3LnBraS5hdXRoLmdyL2NlcnRzL0F1dGhDZW50cmFsQ0FSNC5wZW0wRwYDVR0fBEAwPjA8 oDqgOIY2aHR0cDovL2NybHYxLnBraS5hdXRoLmdyL0F1dGhDZW50cmFsQ0FSNC9jcmx2MS5kZXIu Y3JsMIIBIAYDVR0gBIIBFzCCARMwggEPBgsrBgEEAbwdAgADBTCB/zA0BggrBgEFBQcCARYoaHR0 cDovL3d3dy5wa2kuYXV0aC5nci9kb2N1bWVudHMvQ1BTLnBocDCBxgYIKwYBBQUHAgIwgbkwKxYk QXJpc3RvdGxlIFVuaXZlcnNpdHkgb2YgVGhlc3NhbG9uaWtpMAMCAQEagYlUaGlzIGNlcnRpZmlj YXRlIGlzIHN1YmplY3QgdG8gR3JlZWsgbGF3cyBhbmQgb3VyIENQUy4gVGhpcyBDZXJ0aWZpY2F0 ZSBtdXN0IG9ubHkgYmUgdXNlZCBmb3IgYWNhZGVtaWMsIHJlc2VhcmNoIG9yIGVkdWNhdGlvbmFs IHB1cnBvc2VzLjB7BgNVHREEdDBygRJ2dHNpbmdhcmFzQGF1dGguZ3KBFnZ0c2luZ2FyYXNAY2Nm LmF1dGguZ3KBFXZ0c2luZ2FyYXNAaXQuYXV0aC5ncqAtBgorBgEEAYI3FAIDoB8MHXZ0c2luZ2Fy YXNAcGNsYWJzLml0Yy5hdXRoLmdyMA4GCisGAQQBgjcCARUEADANBgkqhkiG9w0BAQUFAAOCAQEA QOocCMJ+qubwbUYK4rJuBJXGzeuDvWG3BDRmPzaFHeDp7e+K3HPy3EYkQWHCayJbuvJFYyb7a0bQ AMvkzUeiZwwC6O3Fa+XIGx8Np9lYykBz6gWyJIeGkXBiDXqO6mkGjQa5XuEuOWtFTtJz78lEyxVF ZALcLprFVgavFii4LFHQO+zW7O3eGyylL1ASFUA0kYyjd9r4FdxWoddRJ5LPdL8IO9IEPho/sHak Qn4Tie7qWWW0eUE0Kec/iJ2jR5sgVpzkduMOPp97WGNWwtMYvAgcv7x0c+4ORCBJsQKVDAufmuFm KKvb/do6y7+LbpUKsgJ75olNVvoIbs9ppxaHyQ== -----END CERTIFICATE-----
MemCtrl
Posted 2014-07-01T08:25:34.697
Reputation: 16
Is the private key installed? Did you install it in the system (Computer account) or the user (My user account) certificate store? Is the CA certificate installed too, and did you move it to the "Trusted Root Certification Authorities" folder? – ecdsa – 2014-07-01T15:45:04.243
I installed in in the User store, not Computer one. Our RootCA has been accepted by Microsoft for inclusion so it's in by default. – MemCtrl – 2014-07-02T08:54:28.370