Hi everyone,
We have a x509 certificate with extensions:
- Authority Information Access: OCSP
- X509v3 CRL Distribution Points
The teltonika RUT240 does not succeed in validating the certificate by constraint because the curl module is missing:
The output error log is the following:
unable to fetch from http://ipa-ca.exemple.com/ca/ocsp, no capable fetcher found
The statusall output is:
Status of IKE charon daemon (strongSwan 5.6.2, Linux 3.18.44, mips):
uptime: 4 minutes, since Mar 30 11:57:34 2021
malloc: sbrk 131072, mmap 0, used 110072, free 21000
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 1
loaded plugins: charon aes des sha2 sha1 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp pem gmp xcbc hmac kernel-netlink resolve socket-default stroke updown xauth-generic
Listening IP addresses:
192.168.121.45
2a01:e34:ec1a:acc0:21e:42ff:fe2d:33a9
192.168.154.254
The AUTH exchange the both peers is OK.
However, the curl module is missing in charon by strongswan so none HTTP fetcher is available.
The firmware is :
- RUT 240 : FW ver.: RUT2XX_R_00.01.14
Do you know how can I have this module enable with the firmware or on my router?
Thanks in advance.