On 30/10/2019 16:37, Tobias Brunner wrote: > Hi, > >> Is the problem caused be my certificates being crafted in a way which >> did not comply with what Strongswan requires? > Yep. > >> Or this can be resolved with configuration? > No. Either don't add any keyUsage flags to the certificate, or include > at least one of the mentioned flags. > > Regards, > Tobias
but when I do: $ strongswan pki --issue .... --flag nonRepudiation and then: $ strongswan pki --print --in ipsec.d/certs/suc...@openstack.der.new ... flags: .. nothing gets there?
pEpkey.asc
Description: application/pgp-keys
