Certificate VPN: Public key lookup failed

During one of my IPSEC VPN tests using certificate authentication, I have received the following error which really baffled me:

I had never seen this “Public key lookup failed” error message before. I thought I made a mistake during creation of my certificates. For this, I re-created certificates and this time I got the following private key error:

Then I checked the installed certificate locally

Then the current time on the system

This is the problem! SRX system time is behind my certificate server’s time i.e “Not before: 02-23-2014 12:58 UTC ” time is still in the future, certificate is invalid . Once I set the time via NTP, IKE established with no issues. If you are receiving the same type of error, first make sure your system time is correct:-)

One thought on “Certificate VPN: Public key lookup failed

You have a feedback?