[strongSwan] strongswan gateway does not send hash-link of its own certificate

Tobias Brunner tobias at strongswan.org
Wed Feb 28 16:45:06 CET 2018

Hi Mike,

> gateway ipsec.conf:
> ca %default
>   certuribase=http://hashandurl.my-server.de/
>   auto=add

If that's the only ca section in your config this won't work.  The
%default section is never loaded itself it only provides defaults for
other sections of the same type.  Also, defining a certuribase without a
cacert is useless (as seen on the roadwarrior).


More information about the Users mailing list