[strongSwan] [Strongswan]expected hash algorithm HASH_SHA1, but found HASH_SHA256 error

Martin Willi martin at strongswan.org
Thu Sep 27 16:22:15 CEST 2012


Please try to keep the discussion on the list.

> Could you please once again confirm the problem scenario I have
> pointed in the first mail?
> Is it because of Certificate corruption or Is it failed, because there
> is no support in Strongswan?

If you are talking about the error:

> 08[LIB] expected hash algorithm HASH_SHA1, but found HASH_SHA256

It is because your certificate contains an invalid encoding, as I
explained in the first answer:

> Your certificate looks bogus. The certificate itself says (in the
> X.509 encoding) it is signed by the CA using SHA1, but the PKCS#1
> signature contains an OID for SHA256. Because of this inconsistency,
> the certificate is rejected.


More information about the Users mailing list