Hi! We want to use certificate exchange by using a hash_and_url-server.
What we found in the Charon-log is: Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate from 'http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197' ... Mar 1 11:37:45 08[LIB] <RU1-TI|4> unable to fetch from http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197, no capable fetcher found Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate failed ... Mar 1 11:37:45 08[ENC] <RU1-TI|4> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ] As I could find in the users-mailing-list a capable fetcher could be provided by the curl-plugin. Our installations statusall shows: sudo ipsec statusall Status of IKE charon daemon (strongSwan 5.5.3, Linux 4.4.103-6.38-default, x86_64): uptime: 54 minutes, since Mar 01 11:41:29 2018 malloc: sbrk 2969600, mmap 0, used 693088, free 2276512 worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0 loaded plugins: charon aes des rc2 sha2 sha1 md5 random nonce x509 pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp curve25519 xcbc cmac hmac attr kernel-netlink socket-default stroke vici updown xauth-generic Do we need to install additional plugins? Kind regards, Mike.
