[strongSwan] problem: fetching from hash_and_url
Mike.Ettrich at bertelsmann.de
Mike.Ettrich at bertelsmann.de
Thu Mar 1 12:38:24 CET 2018
Hi!
We want to use certificate exchange by using a hash_and_url-server.
What we found in the Charon-log is:
Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate from 'http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197' ...
Mar 1 11:37:45 08[LIB] <RU1-TI|4> unable to fetch from http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197, no capable fetcher found
Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate failed
...
Mar 1 11:37:45 08[ENC] <RU1-TI|4> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
As I could find in the users-mailing-list a capable fetcher could be provided by the curl-plugin.
Our installations statusall shows:
sudo ipsec statusall
Status of IKE charon daemon (strongSwan 5.5.3, Linux 4.4.103-6.38-default, x86_64):
uptime: 54 minutes, since Mar 01 11:41:29 2018
malloc: sbrk 2969600, mmap 0, used 693088, free 2276512
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
loaded plugins: charon aes des rc2 sha2 sha1 md5 random nonce x509 pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp curve25519 xcbc cmac hmac attr kernel-netlink socket-default stroke vici updown xauth-generic
Do we need to install additional plugins?
Kind regards,
Mike.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180301/c7608ef7/attachment.html>
More information about the Users
mailing list