[strongSwan] Question regarding smartcard configuration
Marian Thieme
marian.thieme at gmail.com
Thu Dec 24 22:54:34 CET 2015
Hello !
On 12/23/15 23:58, Thomas Egerer wrote:
> Hi Marian
>
> On 12/23/2015 11:02 PM, Marian Thieme wrote:
>> Hi Tobias
> Hope you don't mind me answering :)
>>
No, I am glad if anybody helps !
>> Now, unfortunately, the charon aborts after reading the
>> certificates from the card. The last logs are:
>>
>> Dec 23 22:38:39 00[CFG] loaded untrusted cert 'Marian Thieme
>> ENC 11' Dec 23 22:38:39 00[LIB] failed to load 1 critical plugin
>> feature Dec 23 22:38:39 00[DMN] initialization failed - aborting
>> charon
>>
>> Do have an idea which feature is meant or what/where to check ?
> One of the critical plugin features failed to load. It's amazing
> since none of your plugins is marked as critical (has a leading
> !-sign). I doubt, it's the untrusted certificate. Try setting the
> loglevel for facility cfg to 3 (see [1] for further info,
> essentially the line looks like 'cfg = 3'). This should reveal the
> problem. Hope that helps.
It seems I already have the most detailed log level enabled. (default
= 4). In strongswan.conf I have the following:
charon {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl
revocation hmac xcbc kernel-netlink socket-default openssl pkcs11
multiple_authentication = no
# two defined file loggers
filelog {
/var/log/charon.log {
# increase default loglevel for all daemon subsystems
default = 4
...
}
}
...
The only suspicious log line I found is this:
Dec 24 22:39:26 00[LIB] feature CUSTOM:libcharon in critical plugin
'charon' has unmet dependency: CUSTOM:kernel-ipsec
Could this be related ?
Adding kernel-ipsec to the plugin list doesn't have an effect.
Regards,
Marian
More information about the Users
mailing list