[strongSwan] OS X strongSwan client
Martin Willi
martin at strongswan.org
Wed Sep 18 10:58:31 CEST 2013
Hi Claude,
> I have some keychain problems. I have a CA certificate installed in the
> system store and marked it as "Always Trust", but I still get a server
> authentication failure.
Both installing end entity and CA certificates to the Keychain as
"Always Trust" works here on 10.8. Some notes:
* Certificates should go to the "System" keychain
* CA certificates must have the CA basicConstraint
What version of OS X are you running?
You might also try to tweak your syslogger to get the daemon startup log
and check if there is something suspicious. To do so, for example add:
daemon.info /var/log/daemon.log
to /etc/syslog.conf and restart the syslogger with
launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist
launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist
During startup or any changes to the Keychain, you should see something
like:
loaded 209 certificates from /System/Library/Keychains/...
loaded 12 certificates from /Library/Keychains/...
Regards
Martin
More information about the Users
mailing list