Hello,

I am a beginner with using strongswan library. I see there are certificate validation plugins available in libstrongswan library but I am not familiar with how it get invoked. In my system I see the function 

parse_extensions() in the file plugins/openssl/openssl_x509.c did not get executed. Am I missing anything? My peer certificate has the KU and EKU extensions in the certificate.  The IpSec tunnels are established and working fine.