Hi Mike,
> Is the ca section of the ipsec.conf used only for ca-certificates or also for
> the leftcert itself?
> If so, what is the element cacert referring to?
man ipsec.conf or [1]?
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/CaSection
Hi Mike,
you have to enable and build the curl plugin which in turn
needs the libcurl header files provided e.g. by the
libcurl4-openssl-dev Debian/Ubuntu package.
make clean
./configure --enable-curl
make
sudo make install
Regards
Andreas
On 01.03.2018 12:38, mike.ettr...@bertelsmann
Hi!
We want to use certificate exchange by using a hash_and_url-server.
What we found in the Charon-log is:
Mar 1 11:37:45 08[CFG]fetching certificate from
'http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197' ...
Mar 1 11:37:45 08[LIB] unable to fetch from
http://146.185.113
Hi Mike,
> What certificate is referenced by the cacert entry, the "leftcert ca" or the
> "leftcert root ca" ?
> Have all certificates in the certificate chain to be accessible from the
> certuribase?
Similar to CRL URIs, the configured base URI is only used for
certificates that are immediate
