我在Ubuntu 14.04服务器上使用IKEv2和rightauth = eap-tls使用我们的PKI基础设施在官方软件包仓库中设置了Strongswan。我可以从Android和Linux连接得很好,但不能从Windows连接。我已将我的个人证书安装在证书库中,但在尝试连接时会在图像中引发此错误。我还附上了我的证书(显然没有私钥)。
-----开始证书----- MIIG / zCCBeegAwIBAgIIGxrsXmzNusMwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNVBAYTAkdSMUQw QgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENlcnQu IEF1dGhvcml0eTE7MDkGA1UEAxMyQXJpc3RvdGxlIFVuaXZlcnNpdHkgb2YgVGhlc3NhbG9uaWtp IENlbnRyYWwgQ0EgUjQwHhcNMTQwNzAxMDAwMDAwWhcNMTUxMTEyMTk0NDIzWjCB1TELMAkGA1UE BhMCR1IxLTArBgNVBAoMJEFyaXN0b3RsZSBVbml2ZXJzaXR5IG9mIFRoZXNzYWxvbmlraTESMBAG A1UECwwJSVQgQ2VudGVyMUEwPwYDVQQLDDhDbGFzcyBCIC0gUHJpdmF0ZSBLZXkgY3JlYXRlZCBh bmQgc3RvcmVkIGluIHNvZnR3YXJlIENTUDEaMBgGA1UEAwwRVnlyb25hcyBUc2luZ2FyYXMxJDAi BgkqhkiG9w0BCQEWFXZ0c2luZ2FyYXNAaXQuYXV0aC5ncjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANBcam + lRy1LhEe4wr + ZVHi7kA7X4YjQWzqFyEU9HPWLLgiS3OOBvQmjcZsJWXpE VH / AhAdYmkOgwKb + 6adiYQRifHDZ9 / dLOWGS5zZ + NYeYOAlFLVBx2HtG0CpO7CZ8W6kFstgKSPm1 qMcIjwT3mk240NneW7SGTv4fcMaqEsqA39Vq2nAmOESh6XBuuc8LnYVASNlwgLJ2pi0jDjqmHwLF mAfH8tjqemp39YnprqUY9K3 / + xduWfCk83AEgjGsnFP5l3y / m6WTtx + aeDqUVUSS6c4hexL5lSdZ 2zkkDUYUi37B + L0lo2eQIi0T7FimxDm74WIhfFR + JpRJETbesqkCAwEAAaOCAxQwggMQMAsGA1Ud DwQEAwIF4DApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcUAgIwKQYJKwYB BAGCNxQCBBweGgBTAG0AYQByAHQAYwBhAHIAZABVAHMAZQByMB0GA1UdDgQWBBSPAHZsX8uXsnUG IZ / GaLltW29DrzAfBgNVHSMEGDAWgBT1kxdKHXO2f38gsqUUlFdyGTM20jBxBggrBgEFBQcBAQRl MGMwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnBraS5hdXRoLmdyMDwGCCsGAQUFBzAChjBodHRw Oi8vd3d3LnBraS5hdXRoLmdyL2NlcnRzL0F1dGhDZW50cmFsQ0FSNC5wZW0wRwYDVR0fBEAwPjA8 oDqgOIY2aHR0cDovL2NybHYxLnBraS5hdXRoLmdyL0F1dGhDZW50cmFsQ0FSNC9jcmx2MS5kZXIu Y3JsMIIBIAYDVR0gBIIBFzCCARMwggEPBgsrBgEEAbwdAgADBTCB / zA0BggrBgEFBQcCARYoaHR0 cDovL3d3dy5wa2kuYXV0aC5nci9kb2N1bWVudHMvQ1BTLnBocDCBxgYIKwYBBQUHAgIwgbkwKxYk QXJpc3RvdGxlIFVuaXZlcnNpdHkgb2YgVGhlc3NhbG9uaWtpMAMCAQEagYlUaGlzIGNlcnRpZmlj YXRlIGlzIHN1YmplY3QgdG8gR3JlZWsgbGF3cyBhbmQgb3VyIENQUy4gVGhpcyBDZXJ0aWZpY2F0 ZSBtdXN0IG9ubHkgYmUgdXNlZCBmb3IgYWNhZGVtaWMsIHJlc2VhcmNoIG9yIGVkdWNhdGlvbmFs IHB1cnBvc2VzLjB7BgNVHREEdDBygRJ2dHNpbmdhcmFzQGF1dGguZ3KBFnZ0c2luZ2FyYXNAY2Nm LmF1dGguZ3KBFXZ0c2luZ2FyYXNAaXQuYXV0aC5ncqAtBgorBgEEAYI3FAIDoB8MHXZ0c2luZ2Fy YXNAcGNsYWJzLml0Yy5hdXRoLmdyMA4GCisGAQQBgjcCARUEADANBgkqhkiG9w0BAQUFAAOCAQEA QOocCMJ + qubwbUYK4rJuBJXGzeuDvWG3BDRmPzaFHeDp7e + K3HPy3EYkQWHCayJbuvJFYyb7a0bQ AMvkzUeiZwwC6O3Fa + XIGx8Np9lYykBz6gWyJIeGkXBiDXqO6mkGjQa5XuEuOWtFTtJz78lEyxVF ZALcLprFVgavFii4LFHQO + zW7O3eGyylL1ASFUA0kYyjd9r4FdxWoddRJ5LPdL8IO9IEPho / SHAK Qn4Tie7qWWW0eUE0Kec / iJ2jR5sgVpzkduMOPp97WGNWwtMYvAgcv7x0c + 4ORCBJsQKVDAufmuFm KKvb / do6y7 + LbpUKsgJ75olNVvoIbs9ppxaHyQ == -----结束证书-----
是否安装了私钥?您是否在系统(计算机帐户)或用户(我的用户帐户)证书存储中安装了它?是否也安装了CA证书,是否已将其移至“受信任的根证书颁发机构”文件夹?
—
ecdsa 2014年
我安装在用户商店,而不是计算机一。我们的RootCA已被Microsoft接受,因此它默认情况下已经包含在内。
—
MemCtrl 2014年