[strongSwan] Small Problems with 5.2

Dirk Hartmann dha at heise.de
Tue Jul 15 10:52:48 CEST 2014

Hi Martin,

--On Friday, July 11, 2014 03:04:27 PM +0200 Martin Willi 
<martin at strongswan.org> wrote:

>> ipsec_starter[3318]: notifying watcher failed: Broken pipe
>> I got: no trusted RSA public key found for NAME
> Btw, I don't think these two issues are directly related. While
> asynchronous IPC operation is affected, starter actually doesn't use
> that.
> Probably something else is wrong with that key: trust chain
> validation, certificate exchange, or loading trusted certificates.
> Your log might have more details.

was there a change in 5.2 about charon asking for the certificate of 
the peer?
I can establish a connection when I add leftsendcert=yes to the 
configuration of my roadwarrior.
If I don't add it I get a connection with 5.1.3 but on 5.2 I get:
[IKE] no trusted RSA public key found for 'C=DE, O=xxxx'
in the log of the server.

Best Regards
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140715/a52d1795/attachment.pgp>

More information about the Users mailing list