Thank you for the inputs Martin, <div><br></div><div>I tried adding <b>
<span style="font-family:Monaco,'Courier New',monospace;font-size:12px;line-height:16px;white-space:pre;background-color:rgb(248,248,248)">BUILD_SUBJECT_ALTNAMES, "DNS:<a href="http://iprc.nlt.in">iprc.nlt.in</a>", </span></b> to the load_tester_creds.c file as u told but i am getting the following error from the DMN</div>
<div><br></div><div><div>May 23 13:59:53 localhost charon: 09[DMN] thread 9 received 11</div><div>May 23 13:59:54 localhost charon: 09[DMN] killing ourself, received critical signal</div><div><br></div><div>And also i have one more problem from the beginning... ipsec is not reading any configuration from the ipsec.conf file. If i add rightid or leftid parameters in the ipsec.conf it is not reflecting the the detailed log /var/log/messags. Only it is reading from the ""config setup"" section not from the ""conn %default"" section. Can you please tell me what might be the problem ?</div>
<div><br></div><div>Regards,</div><div>Naren</div><br><div class="gmail_quote">On Tue, May 22, 2012 at 1:59 PM, Martin Willi <span dir="ltr"><<a href="mailto:martin@strongswan.org" target="_blank">martin@strongswan.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Naren,<br>
<div class="im"><br>
> The Client certificates are generated on demand signed by the CA<br>
> certificate ( load_tester_creds.c file ). How can i add the<br>
> subjectAltName to these on demand certificates ? Is there any<br>
> configuration file ? or do i need to make alterations in the code ?<br>
<br>
</div>No, there is no such configuration option. You'd have to extend the<br>
sources of load tester.<br>
<div class="im"><br>
> I know that the subjectAltName can only be added in the openssl.cnf<br>
> file before generating the certificate. So how can i make the on<br>
> demand certificates to read from my openssl.cnf file ?<br>
<br>
</div>Load tester does not use OpenSSL to generate the certificate, but our<br>
own routines from libstrongswan. To add additional attributes to client<br>
certificates, pass BUILD_* arguments to [1]. See [2] and [3] to read<br>
more about how the credential building facility works.<br>
<br>
Regards<br>
Martin<br>
<br>
[1]<a href="http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/plugins/load_tester/load_tester_creds.c#l251" target="_blank">http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/plugins/load_tester/load_tester_creds.c#l251</a><br>
[2]<a href="http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/credentials/credential_factory.h" target="_blank">http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/credentials/credential_factory.h</a><br>
[3]<a href="http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/credentials/builder.h" target="_blank">http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/credentials/builder.h</a><br>
<br>
<br>
</blockquote></div><br></div>