[strongSwan] DN-based ID not confirmed by Certificate
Aaron Edwards
aaron at ebob9.com
Fri May 30 21:19:12 CEST 2014
Hi All,
Looking for some troubleshooting direction here.
I'm setting up a strongswan to strongswan VPN, authenticating using
DN-based IDs on certificates from a private CA.
I've done this a *bunch* of times before with earlier self-compiled
versions (5.0.1-5.1.0), however in 5.1.2 that comes with Ubuntu 14.04,
Strongswan does not seem to like my ID:
May 30 18:54:12 office-gilligan charon: 10[CFG] id 'C=US, ST=California,
L=Santa Clara, O=Company, Inc, OU=Marketing, CN=office.company.com' not
confirmed by certificate, defaulting to 'C=US, ST=California, L=Santa
Clara, O=Company, Inc, OU=Marketing, CN=office.company.com'
Later on, when the peer tries to connect, I get a "peer config not found".
Note - I am not using SANs in my certificates (thus why I have been doing
DN-based auth), which has worked before.
Are there any changes/ known bugs from 5.1.0 to 5.1.2 that could cause
this? If not, are there any configuration/compilation options that could
cause this? Just looking for ideas on what to try next.
Thanks,
Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140530/36df6f90/attachment.html>
More information about the Users
mailing list