Using ACME acquired certificate 05[IKE] <con-mobile|7> no private key found for "***************"
-
Hello,
I have certificate aquired via ACME package. I encounter the issue with "no private key found for"
I see the ipsec config has leftcert=/var/etc/ipsec/ipsec.d/certs/cert-1.crt
which is identical to a .cer file in /tmp/acme/<cert name>/<fqdn>/the certificate uses pubkey: ECDSA 384 bits
not sure if this is a problem -
It is probably due to it being ECDSA. There are several areas that don't properly support ECDSA certs on 2.4.x, but should work on 2.5.0.
ACME certs do work in general for mobile IPsec, I have setup and tested that before.
-
@jimp I verified it. I change it to a RSA 2048 cert, it successfully loaded cert and I can establish conn