Thanks Alexander for this bug report and for finding the upstream bug report, I linked it to this report.
The bug is fixed upstream, but the required patches are spread across at least 5 commits: https://git.strongswan.org/?p=strongswan.git&a=search&h=HEAD&st=commit&s=3249 It is not totally straightforward to understand the scope of those changes, but the bug is valid and actionable. ** Bug watch added: wiki.strongswan.org/issues #3249 https://wiki.strongswan.org/issues/3249 ** Also affects: strongswan via https://wiki.strongswan.org/issues/3249 Importance: Unknown Status: Unknown ** Changed in: strongswan (Ubuntu) Status: New => Triaged ** Tags added: server-next -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1879692 Title: Strongswan pki creates CA certificates with invalid Key Usage flags To manage notifications about this bug go to: https://bugs.launchpad.net/strongswan/+bug/1879692/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
