[tech] StrongSwan Certificate Expired

Thu Aug 22 02:01:20 AWST 2019

Hi all,

It looks like StrongSwan is still using the old certificate for 
secure.ucc.asn.au, which is preventing me from connecting. Here are the 
relevant lines from my logs:

Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[IKE] received end entity cert "CN=secure.ucc.asn.au"
Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[IKE] received issuer cert "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[CFG]   using certificate "CN=secure.ucc.asn.au"
Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[CFG]   using untrusted intermediate certificate "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[CFG] subject certificate invalid (valid from May 13 21:21:49 2019 to Aug 11 21:21:49 2019)
Aug 22 01:56:02 kangaroo charon-nm[21062]: 08[IKE] no trusted RSA public key found for 'secure.ucc.asn.au'

Cheers,

James [MPT]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20190822/a3a6c84e/attachment.htm 