diff --git a/roles/client/files/libstrongswan-relax-constraints.conf b/roles/client/files/libstrongswan-relax-constraints.conf
new file mode 100644
index 0000000..26dc19a
--- /dev/null
+++ b/roles/client/files/libstrongswan-relax-constraints.conf
@@ -0,0 +1,5 @@
+libstrongswan {
+  x509 {
+    enforce_critical = no
+  }
+}
diff --git a/roles/client/tasks/main.yml b/roles/client/tasks/main.yml
index a2be955..bc7a221 100644
--- a/roles/client/tasks/main.yml
+++ b/roles/client/tasks/main.yml
@@ -53,6 +53,14 @@
   notify:
     - restart strongswan
 
+- name: Configure libstrongswan to relax CA constraints
+  copy:
+    src: libstrongswan-relax-constraints.conf
+    dest: "{{ configs_prefix }}/strongswan.d/relax-ca-constraints.conf"
+    owner: root
+    group: root
+    mode: 0644
+
 - name: Setup the certificates and keys
   template:
     src: "{{ item.src }}"