1. Check out our app, Forums for Android! Download and leave feedback here!

Support Problem installing CA certificate for IPSec VPN

Discussion in 'Android Devices' started by hagbard, May 5, 2010.

  1. hagbard

    hagbard New Member
    Thread Starter
    5

    May 5, 2010
    2
    0
    5
    Hello,

    I am having trouble installing a CA certificate on my Desire which I need to get access to my company's IPSec VPN.
    I understand the proper way to do this is to pack user certificate, user key and CA certificate into a single PKCS12 file, put it on the SD card and use the built-in certificate installation tool to unpack and install the certificates.
    I have my user cert and key packed into a single PEM file and the CA in a separate CRT file. I packed them to a single p12 file using the OpenSSL tool:

    openssl.exe pkcs12 -export -in pem-certificate-and-key-file.pem -certfile cafile.crt -out pkcs12file.p12

    However, when installing the p12 file on the Desire from the SD card, it only installs the user cert and key, ignoring the CA certificate. Thus, I can't set up an IPSec VPN.

    I also tried putting the CA crt file on a web site and installing it using the browser, but the browser thinks is is a user certificate rather than a CA cert and installs it as such.

    Is this a bug, or am I doing something wrong? Did anyone even manage to get this to work? Any suggestions would be much appreciated. I already mailed HTC support a few days ago, but didn't get an answer do far.
     

    Advertisement

  2. tad2much

    tad2much New Member
    5

    Jul 26, 2010
    1
    0
    5
    Registered Just to say I am having the same issue. Posted a question on Google's support forums, but never got an answer. Did you ever resolve this?
     
  3. hagbard

    hagbard New Member
    Thread Starter
    5

    May 5, 2010
    2
    0
    5
    Nope. Only got an answer from HTC support that the problem has been reported to an engineer, but that was all. And this was a very long time ago.
    /edit: Just being curious - which phone are you using?
     
  4. areichow

    areichow New Member
    5

    Aug 8, 2010
    1
    0
    5
    I'm in a difficult position- I've been given a user key by the networking team, but it isn't in one of the OpenSSH-readable standard formats. A binary format of some kind. That's where I've been stuck getting my Cisco VPN set up on my Android phone, a Nexus One running 2.2.
     
Tags:

Share This Page

Loading...