[strongSwan] OCSP and libcurl
Modster, Anthony
Anthony.Modster at Teledyne.com
Thu Apr 15 19:35:39 CEST 2021
Hello
What path does charon libcurl use when sending OCSP protocol ?
The URL is resolved, but the network is not found.
* charon [info] 07[CFG] requesting ocsp status from \'http://www.carillon.ca/sha2-ocsp\' ...
* charon [info] 07[LIB] libcurl request failed [7]: Failed to connect to 192.64.30.9: Network is unreachable
* charon [info] 07[CFG] ocsp request to http://www.carillon.ca/sha2-ocsp failed
* charon [info] 07[CFG] ocsp check failed, fallback to crl
* charon [info] 07[CFG] fetching crl from \'http://www.carillon.ca/caops/test-signca2-crl.crl\' ...
* charon [info] 07[LIB] libcurl request failed [7]: Failed to connect to 192.64.30.9: Network is unreachable
* charon [info] 07[CFG] crl fetching failed
* charon [info] 07[CFG] certificate status is not available
* charon [info] 07[CFG] ocsp check skipped, no ocsp found
* charon [info] 07[CFG] fetching crl from \'http://www.carillon.ca/caops/TEST-cisRCA1.crl\' ...
* charon [info] 07[LIB] libcurl request failed [7]: Failed to connect to 192.64.30.9: Network is unreachable
* charon [info] 07[CFG] crl fetching failed
* charon [info] 07[CFG] certificate status is not available
The VPN tunnel does come up (so IKE and ESP packets are ok).
Below is some of the configuration information.
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 12[CFG] vici client 6 connected
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 10[CFG] vici client 6 requests: load-conn
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 10[CFG] conn sgateway1-radio0:
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 10[CFG] child sgateway1-radio0:
* ...
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 10[CFG] local_ts = dynamic
* 2021 Apr 15 17:09:04+00:00 wglng-17 charon [info] 10[CFG] remote_ts = 40.40.40.15/32
* ...
* 2021 Apr 15 17:09:05+00:00 wglng-17 charon [info] 10[CFG] local_addrs = 10.215.3.133
* 2021 Apr 15 17:09:05+00:00 wglng-17 charon [info] 10[CFG] remote_addrs = 76.232.248.220
* 2021 Apr 15 17:09:05+00:00 wglng-17 charon [info] 10[CFG] local_port = 500
* 2021 Apr 15 17:09:05+00:00 wglng-17 charon [info] 10[CFG] remote_port = 500
Thanks
Teledyne Confidential; Commercially Sensitive Business Data
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210415/45af26f6/attachment-0001.html>
More information about the Users
mailing list