[strongSwan] strongSwan with Let's Encrypt certificates

Laurens Vets laurens at daemon.be
Tue Jun 28 02:50:21 CEST 2016


On 2016-06-14 03:27, Fred wrote:
> On 14/06/2016 04:47, laurens at daemon.be wrote:
>> Hello list,
>> 
>> I've configured strongSwan following this guide a while back:
>> https://dcamero.azurewebsites.net/. Everything worked back then (3+
>> months ago). Unfortunately, I let the cert expire. I renewed it today
>> and now my connection to strongSwan doesn't work with the new
>> certificate.  Might anyone have an idea what I'm missing? As far as I
>> remember I didn't do anything special back then...
> 
> 
> You did add new private key to ipsec.secrets with password?
> 
> What does syslog show?

Yes, that was done :)

As a followup, everything seems to be working now.

Can it be that the connection initially doesn't work because there's a 
discrepancy between the certs "validity: not before xxx", the time on 
the server and the time on the machine I'm testing from? (UTC on the 
server vs. Pacific Time Zone on test machine).


More information about the Users mailing list