[strongSwan] id not confirmed by certificate
Mike.Ettrich at bertelsmann.de
Mike.Ettrich at bertelsmann.de
Thu Aug 17 16:07:43 CEST 2017
Hi!
I try to start the server (strongSwan-5.5.3) with following config (only a snippet):
conn TI-VPN2
keyexchange=ikev2
leftcert=vpn1-ref.gto-refCert.pem
left=vpn1-ref.gto-ref.zgd.service-ti.de
But when starting the log contains:
Aug 17 15:34:37 05[CFG] loaded certificate "C=DE, O=xxx Systems GmbH TEST-ONLY - NOT-VALID, CN=vpn1-ref.gto-ref.zgd.service-ti.de" from 'vpn1-ref.gto-refCert.pem'
Aug 17 15:34:37 05[CFG] id 'vpn1-ref.gto-ref.zgd.service-ti.de' not confirmed by certificate, defaulting to 'C=DE, O=xxx Systems GmbH TEST-ONLY - NOT-VALID, CN=vpn1-ref.gto-ref.zgd.service-ti.de'
an I understood that this disables the usage of the id= vpn1-ref.gto-ref.zgd.service-ti.de.
Question:
What is the reason for this behave?
Do we need to change our certificate?
Thanks for any suggestion.
Regards,
Mike.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170817/e04e4e64/attachment.html>
More information about the Users
mailing list