search

hwdsl2 / setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
Other
24.89k stars 6.28k forks source link

Import p12 file in OSX, wrong password. #1580

Closed ruojianll closed 1 month ago

ruojianll commented 1 month ago

I download the p12 file into my OSX computer and

open Keychain Access
file->import items
select the p12 file

The it shown a prompt to input password, there is no password shown in screen in IKEv2 sction in. ssh when I setup the script. If there is no password, I left the input box empty and press enter, it told me wrong password.

Where is the password or how to import a empty password p12 file in OSX?

letoams commented 1 month ago

On Wed, 24 Jul 2024, Simmler Li wrote:

OSX/iOS does not support AES-SHA2 as key wrap and most OSes now use that instead of 3DES-sha1 by default. There are swithhes to the openssl command to switch these.

Paul

Date: Wed, 24 Jul 2024 10:18:05 From: Simmler Li @.> Cc: Subscribed @.> To: hwdsl2/setup-ipsec-vpn @.***> Subject: [hwdsl2/setup-ipsec-vpn] Import p12 file in OSX, wrong password. (Issue #1580) X-Spam-Flag: NO

I download the p12 file into my OSX computer and

open Keychain Access file->import items select the p12 file

The it shown a prompt to input password, there is no password shown in screen in IKEv2 sction in. ssh when I setup the script. If there is no password, I left the input box empty and press enter, it told me wrong password.

Where is the password or how to import a empty password p12 file in OSX?

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you are subscribed to this thread.[AAW5L6PNY6ELP5SVIQHAOPDZN6ZR3A5CNFSM6AAAAABLMTAFL6WGG33NNVSW45C7OR4XAZNFJFZXG5LFVJRW63LNMVXHIX3JMTHJBNAXEE.gif] Message ID: @.***>

kmishukov commented 1 month ago

On Wed, 24 Jul 2024, Simmler Li wrote: OSX/iOS does not support AES-SHA2 as key wrap and most OSes now use that instead of 3DES-sha1 by default. There are swithhes to the openssl command to switch these. Paul Date: Wed, 24 Jul 2024 10:18:05 From: Simmler Li @.> Cc: Subscribed @.> To: hwdsl2/setup-ipsec-vpn @.> Subject: [hwdsl2/setup-ipsec-vpn] Import p12 file in OSX, wrong password. (Issue #1580) X-Spam-Flag: NO I download the p12 file into my OSX computer and open Keychain Access file->import items select the p12 file The it shown a prompt to input password, there is no password shown in screen in IKEv2 sction in. ssh when I setup the script. If there is no password, I left the input box empty and press enter, it told me wrong password. Where is the password or how to import a empty password p12 file in OSX? — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you are subscribed to this thread.[AAW5L6PNY6ELP5SVIQHAOPDZN6ZR3A5CNFSM6AAAAABLMTAFL6WGG33NNVSW45C7OR4XAZNFJFZXG5LFVJRW63LNMVXHIX3JMTHJBNAXEE.gif] Message ID: @.>

Is that the reason why I can't import the certificate to RouterOS?

hwdsl2 commented 1 month ago

@ruojianll Hello! For OS X (macOS) please follow the steps in the client setup instructions: https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/ikev2-howto.md#os-x-macos

As mentioned in the instructions linked above, use the generated .mobileconfig file instead of the .p12 file for macOS devices. In case the .mobileconfig file fail to import on your device, please see Ubuntu 20.04 cannot import client config. You may encounter this issue on servers running Ubuntu 20.04, this can usually be resolved by following the steps in #1564 to update the IKEv2 helper script to the latest version.