[strongSwan] policy missing in issuing certificate/no trusted RSA public key found/deleting IKE_SA
martin at strongswan.org
Fri Jun 21 16:40:50 CEST 2013
> 02[CFG] policy 18.104.22.168.22.214.171.124 missing in issuing certificate '...'
> 02[IKE] no trusted RSA public key found for '...'
Your issuing CA certificate does not have the certificate policy 
(nor an anyPolicy) that is included in your issued certificate.
Therefore your certificate is considered invalid, and the tunnel can't
You may disable advanced X.509 constraints checking, if you don't
need/want it, using the --disable-constraints ./configure option.
More information about the Users