Hi all, I have the setup described at [1] working currently. shea-intermediate.crt is signed by zalora-ca.crt, and each machine's cert in /etc/x509 is signed by and concatenated with shea-intermediate.crt. If I remove the 'ca inter' section from each config, I get:
> no issuer certificate found for "C=SG, ST=Singapore, O=Zalora, OU=DevOps, > CN=strongswan-ebc130d19292466287791571653eac79, [email protected]" Is there any way to get this to work without each machine needing to know about the intermediate cas that may be used by the others? Since the intermediate ca is signed by the root ca and bundled with the end-user ca, it seems like it shouldn't be necessary... ~Shea [1]: https://gist.github.com/shlevy/99c8008c9b0043bc4afc _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
