[strongSwan] Self signed ca cert fails policy check
Andreas Fett
a.fett at gmx.de
Mon Apr 23 22:16:02 CEST 2012
Hi,
On Mon, Apr 23, 2012 at 10:40:07AM +0200, Martin Willi wrote:
> > 01[CFG] policy 1.1.1.1.1 missing in issuing certificate 'CN=CA, ... C=DE'
> In your case, it seems that your end entity certificate has a
> certificate policy 1.1.1.1.1.1. Your CA certificate, however, does not
> have this policy, an "anyPolicy" nor an appropriate policy mapping. See
> [1] for details about certificate policies.
Thanks a lot for your quick answer, the cert used for authentication indeed
included a certificate policy 1.1.1.1.1 while the ca cert did not.
Seems we have to get that fixed :-)
Regards
Andreas
--
The three chief virtues of a programmer are:
Laziness, Impatience and Hubris. -- Larry Wall
More information about the Users
mailing list