Public bug reported: Ubuntu Trusty seems to be affected by the scenario number 1 described in this post on OpenSSL's bug tracker:
http://rt.openssl.org/Ticket/Attachment/45105/25601/ To summarize, verifying the peer's identifer fails when the peer's DN contains a component of ASN.1 type UTF8String. As per RFC 3280, all new X.509 certificates must use such an encoding for DNs. I have tested with the following version of racoon: 1:0.8.0-14ubuntu4 ** Affects: ipsec-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ipsec-tools in Ubuntu. https://bugs.launchpad.net/bugs/1407274 Title: Identifier verification fails with UTF-8-encoded RDN To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ipsec-tools/+bug/1407274/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs