[strongSwan] Small Problems with 5.2
Dirk Hartmann
dha at heise.de
Tue Jul 15 10:52:48 CEST 2014
Hi Martin,
--On Friday, July 11, 2014 03:04:27 PM +0200 Martin Willi
<martin at strongswan.org> wrote:
>
>> ipsec_starter[3318]: notifying watcher failed: Broken pipe
>
>> I got: no trusted RSA public key found for NAME
>
> Btw, I don't think these two issues are directly related. While
> asynchronous IPC operation is affected, starter actually doesn't use
> that.
>
> Probably something else is wrong with that key: trust chain
> validation, certificate exchange, or loading trusted certificates.
> Your log might have more details.
was there a change in 5.2 about charon asking for the certificate of
the peer?
I can establish a connection when I add leftsendcert=yes to the
configuration of my roadwarrior.
If I don't add it I get a connection with 5.1.3 but on 5.2 I get:
[IKE] no trusted RSA public key found for 'C=DE, O=xxxx'
in the log of the server.
Best Regards
Dirk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140715/a52d1795/attachment.pgp>
More information about the Users
mailing list