diff -Naur libreswan-3.32-orig/lib/libipsecconf/confread.c libreswan-3.32/lib/libipsecconf/confread.c
--- libreswan-3.32-orig/lib/libipsecconf/confread.c	2020-07-28 20:25:54.618261606 -0400
+++ libreswan-3.32/lib/libipsecconf/confread.c	2020-07-28 20:28:03.952421236 -0400
@@ -1498,9 +1498,14 @@
 			} else if (streq(val, "rsasig") || streq(val, "rsa")) {
 				conn->policy |= POLICY_RSASIG;
 				conn->policy |= POLICY_RSASIG_v1_5;
+				/*
+				 * These cause failure with RSA 1024 bits because it uses RSA-PSS
+				 */
+#if 0
 				conn->sighash_policy |= POL_SIGHASH_SHA2_256;
 				conn->sighash_policy |= POL_SIGHASH_SHA2_384;
 				conn->sighash_policy |= POL_SIGHASH_SHA2_512;
+#endif
 			} else if (streq(val, "never")) {
 				conn->policy |= POLICY_AUTH_NEVER;
 			/* everything else is only supported for IKEv2 */
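Review bot: The `#if 0` around the three `conn->sighash_policy |= POL_SIGHASH_SHA2_*` lines applies to every connection that sets `rsasig` or `rsa`, not only those with 1024-bit keys, so this branch now sets only `POLICY_RSASIG` and `POLICY_RSASIG_v1_5` and no SHA2 signature hash, whatever the key size. The added comment names the symptom but not that trade-off; I would write it as `/* Workaround: SHA2 sighash (RSA-PSS) is turned off for authby=rsasig/rsa because it fails with 1024-bit RSA keys; this applies to all key sizes */`. If the failure is only the largest hash not fitting a 1024-bit modulus (not confirmable from this hunk), leaving `conn->sighash_policy |= POL_SIGHASH_SHA2_256;` outside the `#if 0` would keep a SHA2 option for stronger keys. The enclosing function starts and ends outside the hunk, so whether another authby value still sets these bits cannot be seen here.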