On Fri, 2002-06-21 at 09:46, Nate Carlson wrote: > On 21 Jun 2002, Mike Hicks wrote: > > I followed the instructions you have there, but it seems that the > > certificates I've generated and signed don't get recognized as being > > signed (I get the error "Issuer CA certificate not found" from pluto). [snip] > Hmmm.. very odd. Does it error out when trying to load the CA certificate? > You should see a message like: > > Jun 21 06:35:16 precept Pluto[425]: Changing to directory '/etc/ipsec.d/cacerts' > Jun 21 06:35:16 precept Pluto[425]: loaded cacert file 'RootCA.der' (1286 bytes) > Jun 21 06:35:16 precept Pluto[425]: Changing to directory '/etc/ipsec.d/crls' > Jun 21 06:35:16 precept Pluto[425]: loaded crl file 'crl.pem' (743 bytes) Yep, it sure does. However, I noticed that it also has Jun 21 01:11:40 3po Pluto[8780]: loaded my X.509 cert file '/etc/x509cert.der' (1039 bytes) I know that file is probably old -- would that affect this? How would I generate a new version of that file? -- _ _ _ _ _ ___ _ _ _ ___ _ _ __ How do you tell when you're / \/ \(_)| ' // ._\ / - \(_)/ ./| ' /(__ out of invisible ink? \_||_/|_||_|_\\___/ \_-_/|_|\__\|_|_\ __) [ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ] -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: This is a digitally signed message part Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020621/9f5d21fd/attachment.pgp