Unable to import cacert on new C162 machine

I am trying to set up IPSec tunnels on a new Core 162 machine, and everytime I try to upload a root certificate, I receive this error: “Not a valid CA certificate.” Looking in the apache error log at /var/log/httpd/error_log, I find this:

138888342709632:error:0908F066:PEM routines:get_header_and_data:bad end line:crypto/pem/pem_lib.c:812:

The file I am trying to import is from a Core 159 machine. What am I missing?


I did find this bug, which is maddeningly still unfixed since August. I’ll give it a test once I get a few other things straightened out.


Thanks to this forum post: Possible bug? IPsec certificate export problem since Core Update 158

Additional details: I am not 100% certain, but it seems that the Core 162 machine already had the proposed fix from BugZilla applied, while the Core 159 did not. It is unclear if this has been fixed yet.


to increase the confusion even more, @stevee’s patch fixing this is scheduled for Core Update 163. :slight_smile:

So whatever makes things working in your case should be shipped for all IPFire users soon…

Thanks, and best regards,
Peter Müller