Credentials error on Win 11 with IKEv2 only

[CaptainFrosty]

Checklist

• [x] I read the README
• [x] I read the Important notes
• [x] I followed instructions to configure VPN clients
• [x] I checked IKEv1 troubleshooting, IKEv2 troubleshooting and VPN status
• [x] I searched existing Issues
• [x] This bug is about the VPN setup scripts, and not IPsec VPN itself

Describe the issue Hello, I could use some help with an error I'm getting despite not changing anything with my server or client setup. I am getting "IKE credentials are unacceptable" with the native Win 11 VPN client. I have made a new user and reran the VPN setup script.

To Reproduce Steps to reproduce the behavior:

1. Try to connect with Windows 11
2. Fails negotiation

Expected behavior It has worked perfectly until recently.

Logs

Server (please complete the following information)

• OS: Rocky Linux 9

Client (please complete the following information)

• Device: PC
• OS: Win 11 Pro 23H2
• VPN mode: IKEv2

Additional context Add any other context about the problem here.

Thanks for all that you do.

[CaptainFrosty]

I think I had a problem like this before. May be on the client side with Windows trying to use SHA1 instead of SHA256 with the cert signature. I don't think I ever figured out how to fix it.

[CaptainFrosty]

I can fix this by adding SHA1 as an accepted cipher server side, correct? I would just prefer not to as it isn't the greatest.