On Thu, 31 Jan 2019, Mr. Jan Walter wrote:
A couple of differences with the machine certificate installation and how the
system actually picks them up, [email protected]
makes extra double sure the machine can find the right client cert.
Set the registry DWORD for 2048 DH sets and now I get a policy error and
NO_PROPOSAL_CHOSEN on re-key.
That is a known windows bug, try ms-dh-downgrade=yes
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
