Problem installing CA certificate for IPSec VPNSupport


Last Updated:

  1. hagbard

    hagbard New Member This Topic's Starter

    Joined:
    May 5, 2010
    Messages:
    2
    Likes Received:
    0
    Hello,

    I am having trouble installing a CA certificate on my Desire which I need to get access to my company's IPSec VPN.
    I understand the proper way to do this is to pack user certificate, user key and CA certificate into a single PKCS12 file, put it on the SD card and use the built-in certificate installation tool to unpack and install the certificates.
    I have my user cert and key packed into a single PEM file and the CA in a separate CRT file. I packed them to a single p12 file using the OpenSSL tool:

    openssl.exe pkcs12 -export -in pem-certificate-and-key-file.pem -certfile cafile.crt -out pkcs12file.p12

    However, when installing the p12 file on the Desire from the SD card, it only installs the user cert and key, ignoring the CA certificate. Thus, I can't set up an IPSec VPN.

    I also tried putting the CA crt file on a web site and installing it using the browser, but the browser thinks is is a user certificate rather than a CA cert and installs it as such.

    Is this a bug, or am I doing something wrong? Did anyone even manage to get this to work? Any suggestions would be much appreciated. I already mailed HTC support a few days ago, but didn't get an answer do far.
     

    Advertisement
  2. tad2much

    tad2much New Member

    Joined:
    Jul 26, 2010
    Messages:
    1
    Likes Received:
    0
    Registered Just to say I am having the same issue. Posted a question on Google's support forums, but never got an answer. Did you ever resolve this?
     
  3. hagbard

    hagbard New Member This Topic's Starter

    Joined:
    May 5, 2010
    Messages:
    2
    Likes Received:
    0
    Nope. Only got an answer from HTC support that the problem has been reported to an engineer, but that was all. And this was a very long time ago.
    /edit: Just being curious - which phone are you using?
     
  4. areichow

    areichow New Member

    Joined:
    Aug 8, 2010
    Messages:
    1
    Likes Received:
    0
    I'm in a difficult position- I've been given a user key by the networking team, but it isn't in one of the OpenSSH-readable standard formats. A binary format of some kind. That's where I've been stuck getting my Cisco VPN set up on my Android phone, a Nexus One running 2.2.
     

Share This Page

Loading...