[strongSwan] strongswan gateway does not send hash-link of its own certificate

Tobias Brunner tobias at strongswan.org
Thu Mar 1 10:55:06 CET 2018

Hi Mike,

> What certificate is referenced by the cacert entry,  the "leftcert ca" or the "leftcert root ca" ?
> Have all certificates in the certificate chain to be accessible from the certuribase?

Similar to CRL URIs, the configured base URI is only used for
certificates that are immediately issued by the referenced CA
certificate.  So if you have intermediate CAs you have to add separate
ca sections for these (you can use the same URI, but it has to be
associated with every CA in the chain separately).


More information about the Users mailing list