On Tue, 8 Sep 2015, Tony Whyman wrote:
Subject: [Swan] Does libreswan 1.15 have a problem with spaces in CA common
names/nicknames
certutil -L -d sql:/etc/ipsec.d
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
rebecca.mwassocs.co.uk u,u,u
MWA Root CA ,,
You are missing the trust bits on your CA certificate. Upgrading should
have caused you to run ipsec --checknss which should have added the
trust bits for you. I wonder what that did not happen.
try:
certutil -M -d sql:/etc/ipsec.d -n "MWA Root CA" -t 'CT,,'
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
