From owner-freebsd-questions Wed Jan 23 2:36:21 2002 Delivered-To: freebsd-questions@freebsd.org Received: from sauber.net (adsl-66-120-9-102.dsl.sntc01.pacbell.net [66.120.9.102]) by hub.freebsd.org (Postfix) with ESMTP id 6CA5637B402 for ; Wed, 23 Jan 2002 02:36:19 -0800 (PST) Received: from ctj-139.1.1.10.in-addr.arpa (blue-edge-alt [210.132.88.42]) by sauber.net (8.11.3/8.11.3) with ESMTP id g0NAaEO25795 for ; Wed, 23 Jan 2002 02:36:14 -0800 (PST) (envelope-from sauber@netcom.com) Date: Wed, 23 Jan 2002 19:36:08 +0900 (JST) From: X-X-Sender: To: Subject: racoon: Invalid authority of the CERT. Message-ID: <20020123193424.B58931-100000@localhost> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm attempting to set up racoon to deal with win2000 road warriors and I'm having trouble with certificates. I have created the certificates, put them into /usr/local/etc/certs and loaded them on the win2000 computer. It seems to be kind of working. But when I attempt to establish a connection, racoon says: 2002-01-22 13:25:57: ERROR: crypto_openssl.c:337:cb_check_cert(): unable to get local issuer certificate(20) at depth:0 SubjectName:/C=JP/ST=Tokyo-to/O=CTJ/OU=IT/CN=Soren Dossing/Email=sauber@ctjorsomething.com 2002-01-22 13:25:57: ERROR: oakley.c:1300:oakley_validate_auth(): Invalid authority of the CERT. The certificates are self-certified. I think I need precisely guidelines for how to create certificates, how to place them in the right places and how to utilize them correctly from configuration files. If it matters, I'm using fbsd-4.4 and racoon-20010831a. Soren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message