[strongSwan] No capable fetcher found
Claude Tompers
claude.tompers at restena.lu
Thu Jun 24 11:51:20 CEST 2010
Hello,
My strongswan server is unable to refetch crls.
When the server starts, it reads the crl correctly, but if a client tries to connect, the refetch fails and so the connection fails.
Here's the log :
Jun 24 11:46:46 vpn6-test pluto[13321]: fetching crl from 'file:///usr/local/etc/ipsec.d/crls/VPNCA-crl.pem' ...
Jun 24 11:46:46 vpn6-test pluto[13321]: unable to fetch from file:///usr/local/etc/ipsec.d/crls/VPNCA-crl.pem, no capable fetcher found
Jun 24 11:46:46 vpn6-test pluto[13321]: crl fetching failed
Jun 24 11:46:46 vpn6-test pluto[13321]: fetching crl from 'VPNCA-crl.pem' ...
Jun 24 11:46:46 vpn6-test pluto[13321]: unable to fetch from VPNCA-crl.pem, no capable fetcher found
Jun 24 11:46:46 vpn6-test pluto[13321]: crl fetching failed
Jun 24 11:46:46 vpn6-test pluto[13321]: "cisco-vpn"[1] 192.168.1.180:59262 #1: X.509 certificate rejected
The permissions on the crl are :
-rw------- 1 root root 1064 May 21 08:13 /usr/local/etc/ipsec.d/crls/VPNCA-crl.pem
Any ideas ?
thanks very much
Claude
--
Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100624/632be1b0/attachment.pgp>
More information about the Users
mailing list