[strongSwan] wrong expiry date on amd64?

Niels Peen niels at peen.net
Mon May 23 14:01:04 CEST 2011

While experimenting with a CA certificate due to expire in 2110 I 
noticed this works fine on some servers, but not on others. In all cases 
the Strongswan version is 4.4.1. As I did not notice any date related 
bugfixes in the Changelog I've not yet tried a newer version.

On the servers where this does not work, Strongswan claims the 
certificate expires in 1974. OpenSSL correctly report 2110 on all 
servers. Also OpenVPN, which uses the same certificate, works fine on 
all servers.

The failing servers happen to be amd64, whereas the one server that 
works normally is 686. I'm not sure that's related though.

Has anyone else tried CA certificates with an expiry date that far in 
the future on amd64?


More information about the Users mailing list