[strongSwan] Self signed ca cert fails policy check
a.fett at gmx.de
Mon Apr 23 22:16:02 CEST 2012
On Mon, Apr 23, 2012 at 10:40:07AM +0200, Martin Willi wrote:
> > 01[CFG] policy 188.8.131.52.1 missing in issuing certificate 'CN=CA, ... C=DE'
> In your case, it seems that your end entity certificate has a
> certificate policy 184.108.40.206.1.1. Your CA certificate, however, does not
> have this policy, an "anyPolicy" nor an appropriate policy mapping. See
>  for details about certificate policies.
Thanks a lot for your quick answer, the cert used for authentication indeed
included a certificate policy 220.127.116.11.1 while the ca cert did not.
Seems we have to get that fixed :-)
The three chief virtues of a programmer are:
Laziness, Impatience and Hubris. -- Larry Wall
More information about the Users