Thank you Tobias. Is there a way I could get the failure notification in my application? My application is using vici interface.
Regards Simon On Tuesday, December 8, 2020, Tobias Brunner <[email protected]> wrote: > Hi Simon, > > > I will change the remote certificate key usage value to something not > > compliant with RFC 4945. > > Compliance with RFC 4945 is already enforced since 5.6.3 [1]. > Authentication will fail for non-compliant peer certificates. > > Regards, > Tobias > > [1] https://wiki.strongswan.org/versions/69 >
