Gentoo Archives: gentoo-user-ru

From: "Марьясин Семён" <MarSoft@××.ru>
To: gentoo-user-ru@l.g.o
Subject: [gentoo-user-ru] Re: [gentoo-user-ru] Cisco VPN Client does not see the certificate
Date: Thu, 12 Feb 2009 07:07:22
Message-Id: 124861234422439@webmail89.yandex.ru
In Reply to: [gentoo-user-ru] Cisco VPN Client does not see the certificate by Alex
1 Maybe try tinkering with the CertStore parameter?
2 After all, it is trying to look for the certificate in Microsoft User Certificate, which is unlikely to exist under Linux...
3
4 >
5 > Hello everyone!
6 >
7 > I need to access my organization's internal network over the internet via VPN
8 > Cisco VPN Client is used as the client
9 > A smart card is used for authentication, and after the certificate on the card has been verified, the domain login and password must also be entered
10 > From Windows-like machines everything works
11 > But from Linux it does not work :(
12 >
13 > pcscd sees the smart card in the USB card reader, and the output of pcsc_scan is in the attachment pcsc_scan.out
14 >
15 > Cisco VPN Client for Linux, however, reports errors (see the attachment vpnlog.txt)
16 >
17 > I took the Cisco VPN Client settings from a working client on Windows (see the attachment vpnc.pcf)
18 >
19 > I understand that the client cannot find the certificate on my smart card, but I do not know how to correctly specify the path to the certificate in the VPN client's config :(
20 > I searched the whole internet and found nothing :(
21 > Please tell me how to explain to the VPN client where to look for my certificate, or send a link where I can read about how paths to certificates on smart cards are specified in Linux
22 >
23 > When I view the information for my certificate on the card in Windows, the Certification Path looks like this:
24 > Root Organization
25 > |_Enterprise Organization
26 > |_Login
27 >
28 > Thank you!
29 >
30 > [main]
31 > Description=
32 > Host=gate-server.ru
33 > AuthType=3
34 > GroupName=
35 > GroupPwd=
36 > enc_GroupPwd=
37 > EnableISPConnect=0
38 > ISPConnectType=0
39 > ISPConnect=
40 > ISPPhonebook=
41 > ISPCommand=
42 > Username=domain\login
43 > SaveUserPassword=0
44 > UserPassword=
45 > enc_UserPassword=
46 > NTDomain=
47 > EnableBackup=1
48 > BackupServer=backup-server-1,backup-server-2
49 > EnableMSLogon=1
50 > MSLogonType=0
51 > EnableNat=1
52 > TunnelingMode=0
53 > TcpTunnelingPort=10000
54 > CertStore=2
55 > CertName=Login
56 > CertPath=
57 > CertSubjectName=e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru
58 > CertSerialHash=
59 > SendCertChain=0
60 > PeerTimeout=90
61 > EnableLocalLAN=0
62 >
63 > Cisco Systems VPN Client Version 4.8.02 (0030)
64 >
65 > Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
66 >
67 > Client Type(s): Linux
68 >
69 > Running on: Linux 2.6.24-23-generic #1 SMP Mon Jan 26 00:13:11 UTC 2009 i686
70 >
71 > Config file directory: /etc/opt/cisco-vpnclient
72 >
73 >
74 > 1 16:13:42.472 02/11/2009 Sev=Warning/3 CLI/0x83900004
75 >
76 > Unable to purge old log files. Function returned -1.
77 >
78 >
79 > 2 16:13:42.494 02/11/2009 Sev=Info/4 CVPND/0x4340001F
80 >
81 > Privilege Separation: restoring MTU on primary interface.
82 >
83 >
84 > 3 16:13:42.494 02/11/2009 Sev=Info/4 CVPND/0x4340000F
85 >
86 > Started cvpnd:
87 >
88 > Cisco Systems VPN Client Version 4.8.02 (0030)
89 >
90 > Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
91 >
92 > Client Type(s): Linux
93 >
94 > Running on: Linux 2.6.24-23-generic #1 SMP Mon Jan 26 00:13:11 UTC 2009 i686
95 >
96 >
97 > 4 16:13:43.474 02/11/2009 Sev=Info/4 CLI/0x43900002
98 >
99 > Started vpnclient:
100 >
101 > Cisco Systems VPN Client Version 4.8.02 (0030)
102 >
103 > Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
104 >
105 > Client Type(s): Linux
106 >
107 > Running on: Linux 2.6.24-23-generic #1 SMP Mon Jan 26 00:13:11 UTC 2009 i686
108 >
109 >
110 > 5 16:13:48.149 02/11/2009 Sev=Info/4 CM/0x43100002
111 >
112 > Begin connection process
113 >
114 >
115 > 6 16:13:48.150 02/11/2009 Sev=Info/4 CM/0x43100004
116 >
117 > Establish secure connection
118 >
119 >
120 > 7 16:13:48.150 02/11/2009 Sev=Info/4 CM/0x43100024
121 >
122 > Attempt connection with server "gate-server.ru"
123 >
124 >
125 > 8 16:13:49.019 02/11/2009 Sev=Info/4 CVPND/0x43400019
126 >
127 > Privilege Separation: binding to port: (0).
128 >
129 >
130 > 9 16:13:49.019 02/11/2009 Sev=Info/4 CVPND/0x43400019
131 >
132 > Privilege Separation: binding to port: (0).
133 >
134 >
135 > 10 16:13:49.019 02/11/2009 Sev=Info/6 IKE/0x4300003B
136 >
137 > Attempting to establish a connection with backup-server-1.
138 >
139 >
140 > 11 16:13:49.020 02/11/2009 Sev=Warning/2 CERT/0x83600009
141 >
142 > Could not load certificate e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru from store Microsoft User Certificate. Reason: store empty
143 >
144 >
145 > 12 16:13:49.020 02/11/2009 Sev=Warning/2 CERT/0x83600004
146 >
147 > If you are using a smartcard or token containing a certificate, verify that it is plugged in and try again.
148 >
149 >
150 > 13 16:13:49.020 02/11/2009 Sev=Warning/2 IKE/0xC3000008
151 >
152 > Unable to open certificate (e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru).
153 >
154 > If you are using a smartcard or token containing a certificate, verify the correct one is plugged in and try again.
155 >
156 >
157 > 14 16:13:49.020 02/11/2009 Sev=Warning/2 IKE/0xC300009B
158 >
159 > Failed to open my certificate (Connection:240)
160 >
161 >
162 > 15 16:13:49.020 02/11/2009 Sev=Warning/2 IKE/0xC300009A
163 >
164 > Failed to set up connection data
165 >
166 >
167 > 16 16:13:49.020 02/11/2009 Sev=Info/4 CM/0x4310001C
168 >
169 > Unable to contact server "gate-server.ru"
170 >
171 >
172 > 17 16:13:49.020 02/11/2009 Sev=Info/4 CM/0x43100024
173 >
174 > Attempt connection with server "backup-server-2"
175 >
176 >
177 > 18 16:13:49.020 02/11/2009 Sev=Info/4 CVPND/0x43400019
178 >
179 > Privilege Separation: binding to port: (0).
180 >
181 >
182 > 19 16:13:49.021 02/11/2009 Sev=Info/4 CVPND/0x43400019
183 >
184 > Privilege Separation: binding to port: (0).
185 >
186 >
187 > 20 16:13:49.021 02/11/2009 Sev=Info/6 IKE/0x4300003B
188 >
189 > Attempting to establish a connection with backup-server-2.
190 >
191 >
192 > 21 16:13:49.021 02/11/2009 Sev=Warning/2 CERT/0x83600009
193 >
194 > Could not load certificate e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru from store Microsoft User Certificate. Reason: store empty
195 >
196 >
197 > 22 16:13:49.021 02/11/2009 Sev=Warning/2 CERT/0x83600004
198 >
199 > If you are using a smartcard or token containing a certificate, verify that it is plugged in and try again.
200 >
201 >
202 > 23 16:13:49.021 02/11/2009 Sev=Warning/2 IKE/0xC3000008
203 >
204 > Unable to open certificate (e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru).
205 >
206 > If you are using a smartcard or token containing a certificate, verify the correct one is plugged in and try again.
207 >
208 >
209 > 24 16:13:49.021 02/11/2009 Sev=Warning/2 IKE/0xC300009B
210 >
211 > Failed to open my certificate (Connection:240)
212 >
213 >
214 > 25 16:13:49.021 02/11/2009 Sev=Warning/2 IKE/0xC300009A
215 >
216 > Failed to set up connection data
217 >
218 >
219 > 26 16:13:49.021 02/11/2009 Sev=Info/4 CM/0x4310001C
220 >
221 > Unable to contact server "backup-server-2"
222 >
223 >
224 > 27 16:13:49.021 02/11/2009 Sev=Info/4 CM/0x43100024
225 >
226 > Attempt connection with server "backup-server-1"
227 >
228 >
229 > 28 16:13:49.021 02/11/2009 Sev=Info/4 CVPND/0x43400019
230 >
231 > Privilege Separation: binding to port: (0).
232 >
233 >
234 > 29 16:13:49.022 02/11/2009 Sev=Info/4 CVPND/0x43400019
235 >
236 > Privilege Separation: binding to port: (0).
237 >
238 >
239 > 30 16:13:49.022 02/11/2009 Sev=Info/6 IKE/0x4300003B
240 >
241 > Attempting to establish a connection with backup-server-1.
242 >
243 >
244 > 31 16:13:49.022 02/11/2009 Sev=Warning/2 CERT/0x83600009
245 >
246 > Could not load certificate e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru from store Microsoft User Certificate. Reason: store empty
247 >
248 >
249 > 32 16:13:49.022 02/11/2009 Sev=Warning/2 CERT/0x83600004
250 >
251 > If you are using a smartcard or token containing a certificate, verify that it is plugged in and try again.
252 >
253 >
254 > 33 16:13:49.022 02/11/2009 Sev=Warning/2 IKE/0xC3000008
255 >
256 > Unable to open certificate (e=Login@×××××××××××.ru,cn=Login,ou=Workers,dc=organization,dc=ru).
257 >
258 > If you are using a smartcard or token containing a certificate, verify the correct one is plugged in and try again.
259 >
260 >
261 > 34 16:13:49.022 02/11/2009 Sev=Warning/2 IKE/0xC300009B
262 >
263 > Failed to open my certificate (Connection:240)
264 >
265 >
266 > 35 16:13:49.022 02/11/2009 Sev=Warning/2 IKE/0xC300009A
267 >
268 > Failed to set up connection data
269 >
270 >
271 > 36 16:13:49.022 02/11/2009 Sev=Info/4 CM/0x4310001C
272 >
273 > Unable to contact server "backup-server-1"
274 >
275 >
276 > 37 16:13:49.022 02/11/2009 Sev=Info/4 CM/0x4310000C
277 >
278 > All connection attempts with backup server failed
279 >
280 >
281 > 38 16:13:49.022 02/11/2009 Sev=Info/5 CM/0x43100025
282 >
283 > Initializing CVPNDrv
284 >
285 >
286 > 39 16:13:49.022 02/11/2009 Sev=Info/4 CVPND/0x4340001F
287 >
288 > Privilege Separation: restoring MTU on primary interface.
289 >
290 >
291 > 40 16:13:49.022 02/11/2009 Sev=Info/4 IKE/0x43000001
292 >
293 > IKE received signal to terminate VPN connection
294 >
295 >
296 > 41 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x43700008
297 >
298 > IPSec driver successfully started
299 >
300 >
301 > 42 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x43700014
302 >
303 > Deleted all keys
304 >
305 >
306 > 43 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x43700014
307 >
308 > Deleted all keys
309 >
310 >
311 > 44 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x43700014
312 >
313 > Deleted all keys
314 >
315 >
316 > 45 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x43700014
317 >
318 > Deleted all keys
319 >
320 >
321 > 46 16:13:49.023 02/11/2009 Sev=Info/4 IPSEC/0x4370000A
322 >
323 > IPSec driver successfully stopped
324 >
325 >
326 > 47 16:13:52.021 02/11/2009 Sev=Info/4 CVPND/0x4340000C
327 >
328 > Stopped service:
329 >
330 >
331 > 48 16:13:52.022 02/11/2009 Sev=Info/4 CVPND/0x4340001F
332 >
333 > Privilege Separation: restoring MTU on primary interface.
334 >
335 > PC/SC device scanner
336 > V 1.4.11 (c) 2001-2007, Ludovic Rousseau <ludovic.rousseau@××××.fr>
337 > Compiled with PC/SC lite version: 1.4.4
338 > Scanning present readers
339 > 0: AseIIIeUSB 00 00
340 >
341 > Wed Feb 11 16:01:02 2009
342 > Reader 0: AseIIIeUSB 00 00
343 > Card state: Card inserted,
344 > ATR: 3B D6 18 00 81 B1 80 7D 1F 03 80 51 00 61 10 30 8F
345 >
346 > ATR: 3B D6 18 00 81 B1 80 7D 1F 03 80 51 00 61 10 30 8F
347 > + TS = 3B --> Direct Convention
348 > + T0 = D6, Y(1): 1101, K: 6 (historical bytes)
349 > TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU (115200 bits/s at 3.57 MHz)
350 > TC(1) = 00 --> Extra guard time: 0
351 > TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1
352 > -----
353 > TD(2) = B1 --> Y(i+1) = 1011, Protocol T = 1
354 > -----
355 > TA(3) = 80 --> IFSC: 128
356 > TB(3) = 7D --> Block Waiting Integer: 7 - Character Waiting Integer: 13
357 > TD(3) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following
358 > -----
359 > TA(4) = 03 --> Clock stop: not supported - Class accepted by the card: (3G) A 5V B 3V
360 > + Historical bytes: 80 51 00 61 10 30
361 > Category indicator byte: 80 (compact TLV data object)
362 > Tag: 5, len: 1 (card issuer's data)
363 > Card issuer data: 00
364 > Tag: 6, len: 1 (pre-issuing data)
365 > Data: 10
366 > Tag: 3, len: 0 (card service data byte)
367 > Error in the ATR: expecting 1 byte and got 0
368 > + TCK = 8F (correct checksum)
369 >
370 > Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
371 > 3B D6 18 00 81 B1 80 7D 1F 03 80 51 00 61 10 30 8F
372 > ASECard Crypto, http://www.athena-scs.com/product.asp?pid=8
373 >
374 >
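
A triage sketch for the profile and log quoted above, added here as an example (it is not part of the original messages or of Cisco's tooling): it groups the client log into events and ties each CERT load failure back to the `CertStore` and `CertSubjectName` values in the `.pcf`. The sample profile and log are constructed, abridged from the thread with the redacted e-mail attribute dropped, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed samples, abridged from the profile and log quoted above.
PCF = """[main]
Host=gate-server.ru
CertStore=2
CertName=Login
CertSubjectName=cn=Login,ou=Workers,dc=organization,dc=ru
"""
LOG = """10 16:13:49.019 02/11/2009 Sev=Info/6 IKE/0x4300003B
Attempting to establish a connection with backup-server-1.

11 16:13:49.020 02/11/2009 Sev=Warning/2 CERT/0x83600009
Could not load certificate cn=Login,ou=Workers,dc=organization,dc=ru from store Microsoft User Certificate. Reason: store empty

14 16:13:49.020 02/11/2009 Sev=Warning/2 IKE/0xC300009B
Failed to open my certificate (Connection:240)

21 16:13:49.021 02/11/2009 Sev=Warning/2 CERT/0x83600009
Could not load certificate cn=Login,ou=Workers,dc=organization,dc=ru from store Microsoft User Certificate. Reason: store empty
"""
HEADER = re.compile(r"^(\d+)\s+\S+\s+\S+\s+Sev=(\w+)/\d+\s+(\w+)/(0x[0-9A-Fa-f]+)$")
LOAD_FAIL = re.compile(r"Could not load certificate (.+) from store (.+?)\. Reason: (.+)")

def parse_pcf(text):
    """Key/value pairs of a .pcf profile; keys lower-cased, values may contain '='."""
    pairs = (l.split("=", 1) for l in text.splitlines() if "=" in l and not l.startswith("["))
    return {k.strip().lower(): v.strip() for k, v in pairs}

def parse_log(text):
    """Group the log into events: a numbered header line plus its message lines."""
    events = []
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            events.append({"n": int(m[1]), "sev": m[2], "module": m[3], "code": m[4], "msg": ""})
        elif line and events:
            events[-1]["msg"] = (events[-1]["msg"] + " " + line).strip()
    return events

def diagnose(pcf_text, log_text):
    """Count CERT load failures by (store, reason, subject matches the profile)."""
    pcf = parse_pcf(pcf_text)
    found = Counter()
    for ev in parse_log(log_text):
        m = LOAD_FAIL.search(ev["msg"]) if ev["module"] == "CERT" else None
        if m:
            subject, store, reason = m.groups()
            found[(store, reason, subject == pcf.get("certsubjectname"))] += 1
    return pcf.get("certstore"), dict(found)

if __name__ == "__main__":
    print(diagnose(PCF, LOG))
```

On the sample data every certificate failure is a lookup in the store the log names, for the same subject the profile requests, which points at the `CertStore` setting the reply suggests revisiting.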
