Cannot import X509

Home Page Forums Network Management ZeroShell Cannot import X509

This topic contains 5 replies, has 0 voices, and was last updated by  scegg 9 years, 6 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • December 27, 2009 at 4:46 am #42119

    scegg
    Participant

    Hi all.

    In my office A, there is a VPN server created by Zeroshell. I created several accounts and downloaded CA and user key files. These files work great with OpenVPN.

    In my office B, which use ZeroShell like a internet router, I want to use ZeroShell instead of OpenVPN to connect to office A. So I want to create a VPN link as client to office A.

    I think I need to import CA and one working key file to ZeroShell @ office B. But unlucky, I get an error while importing:
    ERROR: the private key is not related to the certificate
    I’m sure that the files are correct coz I can use them in OpenVPN without any trouble.

    How can I do that? Thank you.

    January 3, 2010 at 9:37 am #49315

    scegg
    Participant

    No body can fix this?

    reproduction step:
    1 Create a server with Zeroshell (A);
    2 Create a user UserA in A;
    3 Download CA file of A and key file of UserA in PEM format;
    4 Create a server with Zeroshell B;
    5 Click Setup on the left panel of B, click Network tab on the top;
    6 Press New VPN button;
    7 Press Imported button below at the new window;
    8 Choose File (CA and Key);
    9 Press Import.
    You will get the error:
    ERROR: the private key is not related to the certificate

    Yes, the files created cannot be recognized or verified by yourself.

    January 3, 2010 at 2:50 pm #49316

    ppalias
    Member

    Try this… go to Security -> X.509 CA
    On the setup tab there is a section “Importing CA from external source”. Select the Private Key and Certificate of A and import them.
    Let me know if it helps.

    January 3, 2010 at 2:53 pm #49317

    scegg
    Participant

    No….
    It warns me that if I process this, all key files will be lost.
    I just want to add a new user for connect to a VPN server, not delete all my keys.

    January 3, 2010 at 3:09 pm #49318

    ppalias
    Member

    If you want this user to connect to Zeroshell B you have to issue a KEY file from ZS-B not from A. So you’ll have to recreate this user on ZS-B and export his credentials. Otherwise you’ll have to erase all your keys from ZS-B and import the CA of ZS-A.

    January 3, 2010 at 3:14 pm #49319

    scegg
    Participant

    This key file and this CA file are downloaded from ZS-B. And files are OK coz I can use them in OpenVPN for Windows.
    I just want a way to let ZS-A works instead of OpenVPN @ Windows Client.

    January 3, 2010 at 7:33 pm #49320

    ppalias
    Member

    You have to go to Network -> VPN -> LAN to LAN -> New VPN
    On the new window that pops up you can import the keys for a Zeroshell-to-Zeroshell OpenVPN.

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.