Iked and PKCS7

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Iked and PKCS7

Tristan Pilat-2
Hello all,

It's the first time I'm trying to set up a site-to-site IKEv2 VPN with a non OpenBSD device at the other side. I've been asked to provide a CSR,  then they sent me a PKCS7 certificate in return.

Is there any way to install this kind of certificate with iked? If so, how do I proceed?

Thank you for your help.

Cheers,
--
Tristan

Reply | Threaded
Open this post in threaded view
|

Re: Iked and PKCS7

pierre1.bardou
Hello,

You can convert it to PEM format using openssl pkcs7.

--
Cordialement,
Pierre BARDOU

-----Message d'origine-----
De : [hidden email] <[hidden email]> De la part de Tristan Pilat
Envoyé : lundi 9 septembre 2019 10:03
À : [hidden email]
Objet : Iked and PKCS7

Hello all,

It's the first time I'm trying to set up a site-to-site IKEv2 VPN with a non OpenBSD device at the other side. I've been asked to provide a CSR,  then they sent me a PKCS7 certificate in return.

Is there any way to install this kind of certificate with iked? If so, how do I proceed?

Thank you for your help.

Cheers,
--
Tristan


_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

Reply | Threaded
Open this post in threaded view
|

Re: Iked and PKCS7

Sebastian Benoit
In reply to this post by Tristan Pilat-2
Tristan Pilat([hidden email]) on 2019.09.09 10:02:32 +0200:

> Hello all,
>
> It's the first time I'm trying to set up a site-to-site IKEv2 VPN with a
> non OpenBSD device at the other side. I've been asked to provide a CSR,
> then they sent me a PKCS7 certificate in return.
>
> Is there any way to install this kind of certificate with iked? If so, how
> do I proceed?
>
> Thank you for your help.

PKCS7 is just another format (actually one that can contain multiple certs
in one container).

Something like

  openssl pkcs7 -print_certs -in file.p7b -out file.pem

can be used to convert it.

/B