[Swan] no EE-cert in chain Issue
Gayathri Manoj
gayathri.annur at gmail.com
Thu Apr 6 13:30:31 EEST 2023
Hi All,
We have upgraded the libreswan version from 3.20 to 3.25 and getting the
below errors.
" Mar 31 00:03:21.870077: "71170605222_x509" #1672: X509: *no EE-cert in
chain!*
Mar 31 00:03:21.870105: "71170605222_x509" #1672: X509: *Certificate
rejected for this connection*
Mar 31 00:03:21.870119: "71170605222_x509" #1672: X509: CERT payload bogus
or revoked
Mar 31 00:03:21.870151: "71170605222_x509" #1672: sending encrypted
notification INVALID_ID_INFORMATION to 10.77.32.99:500"
In our cert is having the below extension
*X509v3 Basic Constraints: critical
*
* CA:TRUE*
Please let us know is it due to our certificate issue. With the same
certificate it worked for the system where the libreswan version is
3.20.
When we upload the CA signed certificate with web server template then
no issues.
Please let us know is it due to libreswan limitation or the certificate issue.
Thanks,
Gayathri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20230406/5fcc73c5/attachment.htm>
More information about the Swan
mailing list