Setting up IPsec with x509 certificates fails due to incomplete identity specified
Applies to
- ONTAP 9.10.1 or later
- IPsec
- x509 certificates
Issue
- New setup for ipsec to use x509 certifcates for authentication
charon logs
on the storage controller contain the following entries:
[IKE] no trusted RSA public key found for 'CN=fqdn.of.server' in vserver x
- Certificate chain has been checked both on client and storage controller