>> On 2021-02-04, Riccardo Giuntoli <[email protected]> wrote:
>> > An ikev2 passive server in France that got:
>> >
>> > A CA
>> > A server certificate for tls server
>> > And a client certificate for tls client
>> >
>> > I export the CA in PEM format and put it on /etc/iked/ca
>> >
>> > Next I export the private key and the certificate and put it on:
>> >
>> > /etc/iked/private/client.key
>> >
>> > And the certificate I put it on /etc/iked/pubkeys/ufqdn
>> >
>> > I also export the PEM of the server and put it on /etc/iked/certs
>> >
>> > Next on iked.conf I use src-id with the email CN that I've got
>> > configured.
>> >
>> > I cannot connect to my server with openiked but with exactly the same
>> > configuration on a strongswan client it works.
>
>
> set dpd_check_interval 15
> ikev2 'uma' active esp \
> from xxx to 172.16.17.0/24 \
> local xxx peer yyy\
> ikesa auth hmac-sha2-384 enc aes-256 group ecp384 \
> childsa auth hmac-sha2-256 enc aes-256 \
> srcid "ganesha@yyy" \
> ikelifetime 86400 lifetime 3600
>
> root@ganesha:/etc/iked# find .
> .
> ./ca
> ./ca/ca.crt
> ./certs
> ./crls
> ./export
> ./private
> ./private/local.key
> ./private/[email protected]

iked doesn't handle multiple private keys, only one in local.key

> ./pubkeys
> ./pubkeys/fqdn
> ./pubkeys/ipv4
> ./pubkeys/ipv4/yyy
> ./pubkeys/ipv6
> ./pubkeys/ufqdn
> ./pubkeys/ufqdn/ganesha@yyy
>
> root@ganesha:/etc/iked# iked -dvv
> create_ike: using signature for peer yyy
> ikev2 "uma" active tunnel esp inet from xxx to 172.16.17.0/24 local xxx
> peer yyy ikesa enc aes-256 prf
> hmac-sha2-256,hmac-sha2-384,hmac-sha2-512,hmac-sha1 auth hmac-sha2-384
> group ecp384 childsa enc aes-256 auth hmac-sha2-256 esn,noesn srcid
> ganesha@xxx ikelifetime 86400 lifetime 3600 bytes 536870912 signature
> /etc/iked.conf: loaded 1 configuration rules
> ca_privkey_serialize: type RSA_KEY length 1190
> ca_pubkey_serialize: type RSA_KEY length 270
> ca_privkey_to_method: type RSA_KEY method RSA_SIG
> ca_getkey: received private key type RSA_KEY length 1190
> ca_getkey: received public key type RSA_KEY length 270
> ca_dispatch_parent: config reset
> ca_reload: loaded ca file ca.crt
> ca_reload: /C=FR/ST=Seine-Saint-Denis/L=Aubervilliers/O=Telecom
> Lobby/OU=VPNC/CN=fr.telecomlobby.com
> ca_reload: loaded 1 ca certificate
> ca_reload: local cert type X509_CERT
> config_getocsp: ocsp_url none tolerate 0 maxage -1
> ikev2_dispatch_cert: updated local CERTREQ type X509_CERT length 20
> ikev2_dispatch_cert: updated local CERTREQ type X509_CERT length 20
> config_getpolicy: received policy
> config_getpfkey: received pfkey fd 3
> config_getcompile: compilation done
> config_getsocket: received socket fd 4
> config_getsocket: received socket fd 5
> config_getsocket: received socket fd 6
> config_getsocket: received socket fd 7
> config_getstatic: dpd_check_interval 15
> config_getstatic: no enforcesingleikesa
> config_getstatic: no fragmentation
> config_getstatic: mobike
> config_getstatic: nattport 4500
> ikev2_init_ike_sa: initiating "uma"
> ikev2_policy2id: srcid UFQDN/ganesha@xxx length 24
> ikev2_add_proposals: length 68
> ikev2_next_payload: length 72 nextpayload KE
> ikev2_next_payload: length 104 nextpayload NONCE
> ikev2_next_payload: length 36 nextpayload NOTIFY
> ikev2_nat_detection: local source 0x0ab818df87f9e190 0x0000000000000000
> xxx:500
> ikev2_next_payload: length 28 nextpayload NOTIFY
> ikev2_nat_detection: local destination 0x0ab818df87f9e190
> 0x0000000000000000 yyy:500
> ikev2_next_payload: length 28 nextpayload NOTIFY
> ikev2_next_payload: length 14 nextpayload NONE
> ikev2_pld_parse: header ispi 0x0ab818df87f9e190 rspi 0x0000000000000000
> nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x08 msgid 0 length
> 310 response 0
> ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 72
> ikev2_pld_sa: more 0 reserved 0 length 68 proposal #1 protoid IKE spisize 0
> xforms 7 spi 0
> ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_384_192
> ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
> ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
> ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_384
> ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
> ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_384
> ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_512
> ikev2_pld_xform: more 0 reserved 0 length 8 type PRF id HMAC_SHA1
> ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 104
> ikev2_pld_ke: dh group ECP_384 reserved 0
> ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
> ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length
> 28
> ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
> ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length
> 28
> ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
> ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 14
> ikev2_pld_notify: protoid NONE spisize 0 type SIGNATURE_HASH_ALGORITHMS
> spi=0x0ab818df87f9e190: send IKE_SA_INIT req 0 peer yyy:500 local xxx:500,
> 310 bytes
> spi=0x0ab818df87f9e190: sa_state: INIT -> SA_INIT
> spi=0x0ab818df87f9e190: recv IKE_SA_INIT res 0 peer yyy:500 local xxx:500,
> 221 bytes, policy 'uma'
> ikev2_recv: ispi 0x0ab818df87f9e190 rspi 0x01800ab0bf59cc34
> ikev2_recv: updated SA to peer yyy:500 local xxx:500
> ikev2_policy2id: srcid UFQDN/ganesha@xxx length 24
> ikev2_pld_parse: header ispi 0x0ab818df87f9e190 rspi 0x01800ab0bf59cc34
> nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x20 msgid 0 length
> 221 response 1
> ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 48
> ikev2_pld_sa: more 0 reserved 0 length 44 proposal #1 protoid IKE spisize 0
> xforms 4 spi 0
> ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
> ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
> ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_384
> ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_384_192
> ikev2_pld_xform: more 0 reserved 0 length 8 type DH id ECP_384
> ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 104
> ikev2_pld_ke: dh group ECP_384 reserved 0
> ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 28
> ikev2_pld_payloads: payload NOTIFY nextpayload CERTREQ critical 0x00 length
> 8
> ikev2_pld_notify: protoid NONE spisize 0 type FRAGMENTATION_SUPPORTED
> ikev2_pld_payloads: payload CERTREQ nextpayload NONE critical 0x00 length 5
> ikev2_pld_certreq: type X509_CERT length 0
> ikev2_pld_certreq: invalid length 0
> ikev2_policy2id: srcid UFQDN/ganesha@xxx length 24
> sa_stateflags: 0x0000 -> 0x0004 certreq (required 0x0009 cert,auth)
> proposals_negotiate: score 5
> sa_stateok: SA_INIT flags 0x0000, require 0x0009 cert,auth
> spi=0x0ab818df87f9e190: ikev2_sa_keys: DHSECRET with 48 bytes
> ikev2_sa_keys: SKEYSEED with 48 bytes
> spi=0x0ab818df87f9e190: ikev2_sa_keys: S with 72 bytes
> ikev2_prfplus: T1 with 48 bytes
> ikev2_prfplus: T2 with 48 bytes
> ikev2_prfplus: T3 with 48 bytes
> ikev2_prfplus: T4 with 48 bytes
> ikev2_prfplus: T5 with 48 bytes
> ikev2_prfplus: T6 with 48 bytes
> ikev2_prfplus: T7 with 48 bytes
> ikev2_prfplus: Tn with 336 bytes
> ikev2_sa_keys: SK_d with 48 bytes
> ikev2_sa_keys: SK_ai with 48 bytes
> ikev2_sa_keys: SK_ar with 48 bytes
> ikev2_sa_keys: SK_ei with 32 bytes
> ikev2_sa_keys: SK_er with 32 bytes
> ikev2_sa_keys: SK_pi with 48 bytes
> ikev2_sa_keys: SK_pr with 48 bytes
> ikev2_msg_auth: initiator auth data length 382
> ca_setauth: switching SIG to RSA_SIG(*)
> ca_setauth: auth length 382
> sa_stateok: SA_INIT flags 0x0000, require 0x0009 cert,auth
> config_free_proposals: free 0x2715127cf80
> ca_getreq: found CA /C=FR/ST=Seine-Saint-Denis/L=Aubervilliers/O=Telecom
> Lobby/OU=VPNC/CN=fr.telecomlobby.com
> spi=0x0ab818df87f9e190: ca_getreq: no valid local certificate found for
> UFQDN/ganesha@xxx
> spi=0x0ab818df87f9e190: ca_getreq: using local public key of type RSA_KEY
> ca_setauth: auth length 256

no valid local cert found, I don't know if this is because iked doesn't
have the private key (due to it being in a file that iked doesn't look in)
or something else. so it switches to RSA ...

> ikev2_getimsgdata: imsg 22 rspi 0x01800ab0bf59cc34 ispi 0x0ab818df87f9e190
> initiator 1 sa valid type 11 data length 270
> ikev2_dispatch_cert: cert type RSA_KEY length 270, ok
> sa_stateflags: 0x0004 -> 0x0005 cert,certreq (required 0x0009 cert,auth)
> sa_stateok: SA_INIT flags 0x0001, require 0x0009 cert,auth
> ikev2_getimsgdata: imsg 28 rspi 0x01800ab0bf59cc34 ispi 0x0ab818df87f9e190
> initiator 1 sa valid type 1 data length 256
> ikev2_dispatch_cert: AUTH type 1 len 256
> sa_stateflags: 0x0005 -> 0x000d cert,certreq,auth (required 0x0009
> cert,auth)
> sa_stateok: SA_INIT flags 0x0009, require 0x0009 cert,auth
> ikev2_next_payload: length 28 nextpayload CERT
> ikev2_next_payload: length 275 nextpayload CERTREQ
> ikev2_add_certreq: type X509_CERT length 21
> ikev2_next_payload: length 25 nextpayload AUTH
> ikev2_next_payload: length 264 nextpayload SA
> pfkey_sa_getspi: spi 0x53ce063e
> pfkey_sa_init: new spi 0x53ce063e
> ikev2_add_proposals: length 48
> ikev2_next_payload: length 52 nextpayload TSi
> ikev2_next_payload: length 24 nextpayload TSr
> ikev2_next_payload: length 24 nextpayload NONE
> ikev2_next_payload: length 748 nextpayload IDi
> ikev2_msg_encrypt: decrypted length 692
> ikev2_msg_encrypt: padded length 704
> ikev2_msg_encrypt: length 693, padding 11, output length 744
> ikev2_msg_integr: message length 776
> ikev2_msg_integr: integrity checksum length 24
> ikev2_pld_parse: header ispi 0x0ab818df87f9e190 rspi 0x01800ab0bf59cc34
> nextpayload SK version 0x20 exchange IKE_AUTH flags 0x08 msgid 1 length 776
> response 0
> ikev2_pld_payloads: payload SK nextpayload IDi critical 0x00 length 748
> ikev2_msg_decrypt: IV length 16
> ikev2_msg_decrypt: encrypted payload length 704
> ikev2_msg_decrypt: integrity checksum length 24
> ikev2_msg_decrypt: integrity check succeeded
> ikev2_msg_decrypt: decrypted payload length 704/704 padding 11
> ikev2_pld_payloads: decrypted payload IDi nextpayload CERT critical 0x00
> length 28
> ikev2_pld_id: id UFQDN/ganesha@xxx length 24
> ikev2_pld_payloads: decrypted payload CERT nextpayload CERTREQ critical
> 0x00 length 275
> ikev2_pld_cert: type RSA_KEY length 270
> ikev2_pld_payloads: decrypted payload CERTREQ nextpayload AUTH critical
> 0x00 length 25
> ikev2_pld_certreq: type X509_CERT length 20
> ikev2_pld_payloads: decrypted payload AUTH nextpayload SA critical 0x00
> length 264
> ikev2_pld_auth: method RSA_SIG length 256
> ikev2_pld_payloads: decrypted payload SA nextpayload TSi critical 0x00
> length 52
> ikev2_pld_sa: more 0 reserved 0 length 48 proposal #1 protoid ESP spisize 4
> xforms 4 spi 0x53ce063e
> ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
> ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
> ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
> ikev2_pld_xform: more 3 reserved 0 length 8 type ESN id ESN
> ikev2_pld_xform: more 0 reserved 0 length 8 type ESN id NONE
> ikev2_pld_payloads: decrypted payload TSi nextpayload TSr critical 0x00
> length 24
> ikev2_pld_tss: count 1 length 16
> ikev2_pld_tss: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport
> 65535
> ikev2_pld_ts: start xxx end xxx
> ikev2_pld_payloads: decrypted payload TSr nextpayload NONE critical 0x00
> length 24
> ikev2_pld_tss: count 1 length 16
> ikev2_pld_tss: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport
> 65535
> ikev2_pld_ts: start 172.16.17.0 end 172.16.17.255
> spi=0x0ab818df87f9e190: send IKE_AUTH req 1 peer yyy:500 local xxx:500, 776
> bytes
> spi=0x0ab818df87f9e190: recv IKE_AUTH res 1 peer yyy:500 local xxx:500, 280
> bytes, policy 'uma'
> ikev2_recv: ispi 0x0ab818df87f9e190 rspi 0x01800ab0bf59cc34
> ikev2_recv: updated SA to peer yyy:500 local xxx:500
> ikev2_pld_parse: header ispi 0x0ab818df87f9e190 rspi 0x01800ab0bf59cc34
> nextpayload SK version 0x20 exchange IKE_AUTH flags 0x20 msgid 1 length 280
> response 1
> ikev2_pld_payloads: payload SK nextpayload NOTIFY critical 0x00 length 252
> ikev2_msg_decrypt: IV length 16
> ikev2_msg_decrypt: encrypted payload length 208
> ikev2_msg_decrypt: integrity checksum length 24
> ikev2_msg_decrypt: integrity check succeeded
> ikev2_msg_decrypt: decrypted payload length 208/208 padding 199
> ikev2_pld_payloads: decrypted payload NOTIFY nextpayload NONE critical 0x00
> length 8
> ikev2_pld_notify: protoid NONE spisize 0 type AUTHENTICATION_FAILED
> ikev2_handle_notifies: AUTHENTICATION_FAILED, closing SA

other side rejects auth, probably because it wants cert not RSA.

> spi=0x0ab818df87f9e190: sa_state: SA_INIT -> CLOSED from yyy:500 to xxx:500
> policy 'uma'
> ikev2_recv: closing SA
> spi=0x0ab818df87f9e190: sa_free: authentication failed notification from
> peer
> config_free_proposals: free 0x27102f7c880
> ^Cca exiting, pid 56381
> control exiting, pid 72177
> ikev2 exiting, pid 49164
> parent terminating
> root@ganesha:/etc/iked#

So you probably need to move the cert's private key to local.key and
extract the public key to local.pub, see the openssl lines in /etc/rc for
that.
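
Added example (not part of the original message and not iked code): a small triage script that picks out of an `iked -dvv` log the three events the reply above points at, namely the missing local certificate, the fallback to a raw public key, and the peer's AUTHENTICATION_FAILED. The sample lines are excerpted from the log above and unwrapped to one event per line; the `diagnose` function, its event names and the first-hit-only matching are assumptions of this sketch.

```python
import re

# Excerpt from the `iked -dvv` output quoted above, one event per line.
SAMPLE_LOG = """\
spi=0x0ab818df87f9e190: ca_getreq: no valid local certificate found for UFQDN/ganesha@xxx
spi=0x0ab818df87f9e190: ca_getreq: using local public key of type RSA_KEY
ikev2_pld_cert: type RSA_KEY length 270
ikev2_pld_auth: method RSA_SIG length 256
ikev2_handle_notifies: AUTHENTICATION_FAILED, closing SA
spi=0x0ab818df87f9e190: sa_free: authentication failed notification from peer
"""

# Hypothetical event name -> pattern; group 1 is the value worth reporting.
EVENTS = {
    "no_cert_for": re.compile(r"ca_getreq: no valid local certificate found for (\S+)"),
    "fallback_key": re.compile(r"ca_getreq: using local public key of type (\w+)"),
    "cert_payload": re.compile(r"ikev2_pld_cert: type (\w+)"),
    "auth_method": re.compile(r"ikev2_pld_auth: method (\w+)"),
    "peer_notify": re.compile(r"ikev2_handle_notifies: (AUTHENTICATION_FAILED)"),
}


def diagnose(log_text):
    """Return (facts, findings); only the first hit per event is kept (heuristic)."""
    facts = {}
    for raw in log_text.splitlines():
        line = raw.lstrip("> ")  # tolerate mail-quoted log lines
        for name, rx in EVENTS.items():
            m = rx.search(line)
            if m:
                facts.setdefault(name, m.group(1))
    findings = []
    if "no_cert_for" in facts:
        findings.append("iked found no valid local certificate for " + facts["no_cert_for"])
    if "fallback_key" in facts and facts.get("cert_payload") == facts["fallback_key"]:
        findings.append("CERT payload carries a raw " + facts["fallback_key"] + ", not X509_CERT")
    if findings and "peer_notify" in facts:
        findings.append("peer answered " + facts["peer_notify"] + " after the fallback")
    return facts, findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_LOG)[1]:
        print("-", finding)
```

Log lines wrapped by a mail client, like those quoted above, must be rejoined first, since each pattern is matched within a single line.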

