linux连接不上 - Githubissues

任务列表

[x] 我已阅读自述文件
[x] 我已阅读重要提示
[x] 我已按照说明配置 VPN 客户端
[x] 我检查了故障排除以及 VPN 状态
[x] 我搜索了已有的 Issues
[x] 这个 bug 是关于 VPN 安装脚本，而不是 IPsec VPN 本身

问题描述 Linux系统使用NetworkManager VPN连接，链接不上

重现步骤 重现该 bug 的步骤：

导入p12文件的root证书到系统
VPN设置p12的客户端证书pem，设置客户端的p12文件中的key
连接VPN

日志 客户端日志

-- Journal begins at Tue 2021-03-23 11:58:48 CST, ends at Tue 2021-03-23 11:59:01 CST. --
3月 23 11:58:53 x NetworkManager[521]: <info>  [1616471933.7125] audit: op="connection-activate" uuid="5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff" name="VPN 连接 1" pid=800 uid=1000 result="success"
3月 23 11:58:53 x NetworkManager[521]: <info>  [1616471933.7173] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: Started the VPN service, PID 36258
3月 23 11:58:53 x charon-nm[36258]: 00[DMN] Starting charon NetworkManager backend (strongSwan 5.9.1)
3月 23 11:58:53 x NetworkManager[521]: <info>  [1616471933.7406] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: Saw the service appear; activating connection
3月 23 11:58:53 x charon-nm[36258]: 00[LIB] loaded plugins: nm-backend charon-nm ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pkcs1 pkcs7 pkcs8 sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru drbg newhope bliss curl kernel-netlink socket-default bypass-lan eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls eap-peap
3月 23 11:58:53 x charon-nm[36258]: 00[LIB] dropped capabilities, running as uid 0, gid 0
3月 23 11:58:53 x charon-nm[36258]: 00[JOB] spawning 16 worker threads
3月 23 11:58:53 x charon-nm[36258]: 06[IKE] installed bypass policy for 192.168.4.0/23
3月 23 11:58:53 x charon-nm[36258]: 06[IKE] installed bypass policy for ::1/128
3月 23 11:58:53 x charon-nm[36258]: 06[IKE] installed bypass policy for fe80::/64
3月 23 11:58:53 x NetworkManager[521]: <info>  [1616471933.7524] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN connection: (ConnectInteractive) reply received
3月 23 11:58:53 x charon-nm[36258]: 05[CFG] received initiate for NetworkManager connection VPN 连接 1
3月 23 11:58:53 x charon-nm[36258]: 05[LIB]   file coded in unknown format, discarded
3月 23 11:58:53 x charon-nm[36258]: 05[LIB] building CRED_CERTIFICATE - X509 failed, tried 5 builders
3月 23 11:58:53 x charon-nm[36258]: 05[CFG] loading CA certificate '/etc/ssl/certs/java/cacerts' failed
3月 23 11:58:53 x charon-nm[36258]: 05[CFG] using gateway identity '47.111.131.123'
3月 23 11:58:53 x charon-nm[36258]: 05[IKE] initiating IKE_SA VPN 连接 1[1] to 47.111.131.123
3月 23 11:58:53 x charon-nm[36258]: 05[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
3月 23 11:58:53 x charon-nm[36258]: 05[NET] sending packet: from 192.168.4.4[34647] to 47.111.131.123[500] (1000 bytes)
3月 23 11:58:53 x NetworkManager[521]: <info>  [1616471933.8319] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: state changed: starting (3)
3月 23 11:58:53 x charon-nm[36258]: 10[NET] received packet: from 47.111.131.123[500] to 192.168.4.4[34647] (38 bytes)
3月 23 11:58:53 x charon-nm[36258]: 10[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ]
3月 23 11:58:53 x charon-nm[36258]: 10[IKE] peer didn't accept DH group ECP_256, it requested MODP_2048
3月 23 11:58:53 x charon-nm[36258]: 10[IKE] initiating IKE_SA VPN 连接 1[1] to 47.111.131.123
3月 23 11:58:53 x charon-nm[36258]: 10[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
3月 23 11:58:53 x charon-nm[36258]: 10[NET] sending packet: from 192.168.4.4[34647] to 47.111.131.123[500] (1192 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] received packet: from 47.111.131.123[500] to 192.168.4.4[34647] (479 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(FRAG_SUP) N(HASH_ALG) N(NATD_S_IP) N(NATD_D_IP) CERTREQ ]
3月 23 11:58:53 x charon-nm[36258]: 11[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] local host is behind NAT, sending keep alives
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] remote host is behind NAT
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] received cert request for "CN=IKEv2 VPN CA, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign Root CA - C1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign ECC Root CA - G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GC CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=SecureTrust CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GC CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root E46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Commercial"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=NetLock Kft., OU=Tan??s??tv??nykiad??k (Certification Services), CN=NetLock Arany (Class Gold) F??tan??s??tv??ny"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Networking"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=IKEv2 VPN CA, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions ECC RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root R46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=CERTSIGN SA, OU=certSIGN ROOT CA G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GC CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, ST=Hong Kong, L=Hong Kong, O=Hongkong Post, CN=Hongkong Post Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=Atos TrustedRoot 2011, O=Atos, C=DE"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Ankara, O=E-Tu??ra EBG Bili??im Teknolojileri ve Hizmetleri A.??., OU=E-Tugra Sertifikasyon Merkezi, CN=E-Tugra Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=NetLock Kft., OU=Tan??s??tv??nykiad??k (Certification Services), CN=NetLock Arany (Class Gold) F??tan??s??tv??ny"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Extended Validation Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=NetLock Kft., OU=Tan??s??tv??nykiad??k (Certification Services), CN=NetLock Arany (Class Gold) F??tan??s??tv??ny"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=KR, O=NAVER BUSINESS PLATFORM Corp., CN=NAVER Global Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, OU=0002 48146308100036, CN=Certigna Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P256 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., 55:04:61=VATHU-23584497, CN=e-Szigno Root CA 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA11"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=Secure Global CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign ECC Root CA - C3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, ST=Hong Kong, L=Hong Kong, O=Hongkong Post, CN=Hongkong Post Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions ECC RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Networking"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions ECC RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign ECC Root CA - C3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign Root CA - G1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P256 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, CN=Certigna"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Commercial"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GB CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=CERTSIGN SA, OU=certSIGN ROOT CA G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Gebze - Kocaeli, O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU=Kamu Sertifikasyon Merkezi - Kamu SM, CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Gebze - Kocaeli, O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU=Kamu Sertifikasyon Merkezi - Kamu SM, CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, O=Trustis Limited, OU=Trustis FPS Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2015 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign ECC Root CA - G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=Atos TrustedRoot 2011, O=Atos, C=DE"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, E=info@e-szigno.hu"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=Agencia Catalana de Certificacio (NIF Q-0801176-I), OU=Serveis Publics de Certificacio, OU=Vegeu https://www.catcert.net/verarrel (c)03, OU=Jerarquia Entitats de Certificacio Catalanes, CN=EC-ACC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=IZENPE S.A., CN=Izenpe.com"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FI, O=Sonera, CN=Sonera Class2 CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=Ceres, 55:04:61=VATES-Q2826004J, CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign Root CA - C1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Networking"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Digital Signature Trust Co., CN=DST Root CA X3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=IKEv2 VPN CA, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=Agencia Catalana de Certificacio (NIF Q-0801176-I), OU=Serveis Publics de Certificacio, OU=Vegeu https://www.catcert.net/verarrel (c)03, OU=Jerarquia Entitats de Certificacio Catalanes, CN=EC-ACC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2015 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Commercial"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=TeliaSonera, CN=TeliaSonera Root CA v1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, OU=0002 48146308100036, CN=Certigna Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign ECC Root CA - G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=IKEv2 VPN CA, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=CERTSIGN SA, OU=certSIGN ROOT CA G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=SecureTrust CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2011"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GB CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Cybertrust, Inc, CN=Cybertrust Global Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., 55:04:61=VATHU-23584497, CN=e-Szigno Root CA 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign Root CA - G1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Extended Validation Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=Atos TrustedRoot 2011, O=Atos, C=DE"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=Secure Global CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=certSIGN, OU=certSIGN ROOT CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P256 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2011"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=TeliaSonera, CN=TeliaSonera Root CA v1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA11"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2015 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P384 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=SecureTrust CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P384 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, CN=Certigna"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign Root CA - C1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=KR, O=NAVER BUSINESS PLATFORM Corp., CN=NAVER Global Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, E=info@e-szigno.hu"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Cybertrust, Inc, CN=Cybertrust Global Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, O=Trustis Limited, OU=Trustis FPS Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA11"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=certSIGN, OU=certSIGN ROOT CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=Agencia Catalana de Certificacio (NIF Q-0801176-I), OU=Serveis Publics de Certificacio, OU=Vegeu https://www.catcert.net/verarrel (c)03, OU=Jerarquia Entitats de Certificacio Catalanes, CN=EC-ACC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Ankara, O=E-Tu??ra EBG Bili??im Teknolojileri ve Hizmetleri A.??., OU=E-Tugra Sertifikasyon Merkezi, CN=E-Tugra Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=Ceres, 55:04:61=VATES-Q2826004J, CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=IZENPE S.A., CN=Izenpe.com"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Digital Signature Trust Co., CN=DST Root CA X3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, CN=Certigna"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign Root CA - G1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Global G2 Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GR, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2011"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Digital Signature Trust Co., CN=DST Root CA X3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root E46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Global G2 Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., 55:04:61=VATHU-23584497, CN=e-Szigno Root CA 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root E46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=KR, O=NAVER BUSINESS PLATFORM Corp., CN=NAVER Global Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=TeliaSonera, CN=TeliaSonera Root CA v1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Extended Validation Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=Ceres, 55:04:61=VATES-Q2826004J, CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=IKEv2 VPN CA, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=GB, O=Trustis Limited, OU=Trustis FPS Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=Secure Global CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root R46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Ankara, O=E-Tu??ra EBG Bili??im Teknolojileri ve Hizmetleri A.??., OU=E-Tugra Sertifikasyon Merkezi, CN=E-Tugra Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FI, O=Sonera, CN=Sonera Class2 CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign ECC Root CA - C3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=ES, O=IZENPE S.A., CN=Izenpe.com"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FR, O=Dhimyotis, OU=0002 48146308100036, CN=Certigna Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TR, L=Gebze - Kocaeli, O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU=Kamu Sertifikasyon Merkezi - Kamu SM, CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P384 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GB CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Global Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Global G2 Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=RO, O=certSIGN, OU=certSIGN ROOT CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HK, ST=Hong Kong, L=Hong Kong, O=Hongkong Post, CN=Hongkong Post Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root R46"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, E=info@e-szigno.hu"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=FI, O=Sonera, CN=Sonera Class2 CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "O=Cybertrust, Inc, CN=Cybertrust Global Root"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending cert request for "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] authentication of 'CN=yuxing, O=IKEv2 VPN' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] sending end entity cert "CN=yuxing, O=IKEv2 VPN"
3月 23 11:58:53 x charon-nm[36258]: 11[IKE] establishing CHILD_SA VPN 连接 1{1}
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ AUTH CPRQ(ADDR ADDR6 DNS NBNS DNS6) N(IPCOMP_SUP) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] splitting IKE message (9248 bytes) into 8 fragments
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(1/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(2/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(3/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(4/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(5/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(6/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(7/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[ENC] generating IKE_AUTH request 1 [ EF(8/8) ]
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:53 x charon-nm[36258]: 11[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1092 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[IKE] retransmit 1 of request with message ID 1
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1236 bytes)
3月 23 11:58:57 x charon-nm[36258]: 15[NET] sending packet: from 192.168.4.4[43189] to 47.111.131.123[4500] (1092 bytes)
3月 23 11:58:58 x charon-nm[36258]: 01[NET] received packet: from 47.111.131.123[4500] to 192.168.4.4[43189] (80 bytes)
3月 23 11:58:58 x charon-nm[36258]: 01[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
3月 23 11:58:58 x charon-nm[36258]: 01[IKE] received AUTHENTICATION_FAILED notify error
3月 23 11:58:58 x NetworkManager[521]: <warn>  [1616471938.2759] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: failed: connect-failed (1)
3月 23 11:58:58 x NetworkManager[521]: <warn>  [1616471938.2760] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: failed: connect-failed (1)
3月 23 11:58:58 x NetworkManager[521]: <info>  [1616471938.2760] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: state changed: stopping (5)
3月 23 11:58:58 x NetworkManager[521]: <info>  [1616471938.2761] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: state changed: stopped (6)
3月 23 11:58:58 x NetworkManager[521]: <warn>  [1616471938.2776] vpn-connection[0x56065aba0300,5f295d8d-dd24-4ce0-b17b-d7b105b1d3ff,"VPN 连接 1",0]: VPN plugin: failed: login-failed (0)

服务端日志

Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #46: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=AES_CTR_128;ENCR=AES_CTR_192;ENCR=AES_CTR_256;ENCR=CAMELLIA_CBC_128;ENCR=CAMELLIA_CBC_192;ENCR=CAMELLIA_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=BRAINPOOL_P256R1;DH=BRAINPOOL_P384R1;DH=BRAINPOOL_P512R1;DH=CURVE25519;DH=CURVE448;DH=OAKLEY_GROUP__1031??;DH=OAKLEY_GROUP__1032??;DH=OAKLEY_GROUP__1033??;DH=OAKLEY_GROUP__1040??;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match] 2:IKE:ENCR=AES_CCM_C_128;ENCR=AES_CCM_C_192;ENCR=AES_CCM_C_256;ENCR=AES_GCM_C_128;ENCR=AES_GCM_C_192;ENCR=AES_GCM_C_256;ENCR=CHACHA20_POLY1305;ENCR=AES_CCM_A_128;ENCR=AES_CCM_A_192;ENCR=AES_...
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #46: initiator guessed wrong keying material group (ECP_256); responding with INVALID_KE_PAYLOAD requesting MODP2048
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #46: responding to IKE_SA_INIT message (ID 0) from 175.11.65.62:45312 with unencrypted notification INVALID_KE_PAYLOAD
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #46: state transition 'Respond to IKE_SA_INIT' failed
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #46: deleting state (STATE_PARENT_R0) aged 0.00017s and NOT sending notification
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=AES_CTR_128;ENCR=AES_CTR_192;ENCR=AES_CTR_256;ENCR=CAMELLIA_CBC_128;ENCR=CAMELLIA_CBC_192;ENCR=CAMELLIA_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=MODP2048;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=BRAINPOOL_P256R1;DH=BRAINPOOL_P384R1;DH=BRAINPOOL_P512R1;DH=CURVE25519;DH=CURVE448;DH=OAKLEY_GROUP__1031??;DH=OAKLEY_GROUP__1032??;DH=OAKLEY_GROUP__1033??;DH=OAKLEY_GROUP__1040??;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192[first-match] 2:IKE:ENCR=AES_CCM_C_128;ENCR=AES_CCM_C_192;ENCR=AES_CCM_C_256;ENCR=AES_GCM_C_128;ENCR=AES_GCM_C_192;ENCR=AES_GCM_C_256;ENCR=CHACHA20_POLY1305;ENCR=AES_CCM_A_128;ENCR=AES_CCM_A_192;ENCR=AES_...
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: sent IKE_SA_INIT reply {auth=IKEv2 cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: processing decrypted IKE_AUTH request: SK{IDi,CERT,N,CERTREQ,AUTH,SA,TSi,TSr,N,N,N,N}
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: certificate verified OK: O=IKEv2 VPN,CN=yuxing
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: ID_DER_ASN1_DN 'O=IKEv2 VPN,CN=yuxing' does not match expected 'CN=wangzhen, O=IKEv2 VPN'
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: Peer CERT payload SubjectAltName does not match peer ID for this connection
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: X509: connection failed due to unmatched IKE ID in certificate SAN
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[12] 175.11.65.62 #47: switched from "ikev2-cp"[12] 175.11.65.62 to "ikev2-cp"
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62 #47: IKEv2 mode peer ID is ID_DER_ASN1_DN: 'CN=yuxing, O=IKEv2 VPN'
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62 #47: no acceptable ECDSA/RSA-PSS ASN.1 signature hash proposal included for rsasig in I2 Auth Payload
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62 #47: responding to IKE_AUTH message (ID 1) from 175.11.65.62:49661 with encrypted notification AUTHENTICATION_FAILED
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62 #47: encountered fatal error in state STATE_PARENT_R1
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62 #47: deleting state (STATE_PARENT_R1) aged 0.091779s and NOT sending notification
Mar 23 14:17:32 iZbp1cc7u1shr7143226smZ pluto[3427]: "ikev2-cp"[14] 175.11.65.62: deleting connection instance with peer 175.11.65.62 {isakmp=#0/ipsec=#0}

服务器信息（请填写以下信息）

操作系统: CentOS 7 + docker
服务提供商（如果适用）: 阿里云

客户端信息（请填写以下信息）

设备: 笔记本
操作系统: Archlinux
VPN 模式: IKEv2
其它信息 添加关于该 bug 的其它信息。

hwdsl2 / setup-ipsec-vpn

linux连接不上 #954