--- west.console.txt 2019-08-24 18:12:56.147678366 +0000 +++ OUTPUT/west.console.txt 2019-08-26 13:13:12.033097098 +0000 @@ -23,11 +23,10 @@ 002 "san" #1: I am sending a certificate request 1v1 "san" #1: STATE_AGGR_I1: initiate 002 "san" #1: Peer ID is ID_USER_FQDN: 'user-east@testing.libreswan.org' -002 "san" #1: certificate verified OK: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA -003 "san" #1: No matching subjectAltName found for 'user-east@testing.libreswan.org' -003 "san" #1: certificate does not contain ID_USER_FQDN subjectAltName=user-east@testing.libreswan.org -002 "san" #1: Peer public key SubjectAltName does not match peer ID for this connection -002 "san" #1: X509: CERT payload does not match connection ID +003 "san" #1: Certificate E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA failed IPsec verification +003 "san" #1: ERROR: The certificate was signed using a signature algorithm that is disabled because it is not secure. +002 "san" #1: X509: Certificate rejected for this connection +002 "san" #1: X509: CERT payload bogus or revoked 003 "san" #1: initial Aggressive Mode packet claiming to be from user-east@testing.libreswan.org on 192.1.2.23:500 but no connection has been authorized 218 "san" #1: STATE_AGGR_I1: INVALID_ID_INFORMATION 002 "san" #1: sending notification INVALID_ID_INFORMATION to 192.1.2.23:500