[Swan] Question/troubleshooting x509 w/ intermediate & root CA
Paul Wouters
paul at nohats.ca
Fri Sep 23 16:26:49 UTC 2016
On Fri, 23 Sep 2016, Bryan Harris wrote:
> And I notice when I go back to my old certs that were working, I can see the RSA public key in the ipsec auto --listall output. I
> wonder, if anyone knows, why does the cert not come across the line when I'm using the new configuration? If I look at the logs, I
> see that it doesn't work, but I don't understand why.
you can try running with plutodebug=x509 enabled
(or run ipsec whack --debug-x509 before trying to
bring up the connection)
Paul
More information about the Swan
mailing list