[strongSwan-dev] more SQL and key IDs
J. Tang
tang at jtang.org
Fri May 14 01:31:35 CEST 2010
I was able to inspect the strongswanCert.pem like so:
ipsec pki --keyid --type x509 --in strongswanCert.pem
subjectKeyIdentifier: 5d:a7:dd:70:06:51:32:7e:e7:b6:6d:b3:b5:e5:e0:60:ea:2e:4d:ef
subjectPublicKeyInfo hash: ae:09:6b:87:b4:48:86:d3:b8:20:97:86:23:da:bd:0e:ae:22:eb:bc
In tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql, the second
INSERT statement is:
INSERT INTO identities (
type, data
) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
);
which is the subjectKeyIdentifier.
However, in tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql, the
second INSERT statement is:
INSERT INTO identities (
type, data
) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
);
which is the subjectPublicKeyInfo hash.
Why does one SQL file use one value, while the other uses the other?
If I were writing my own SQL statements, how would I know which one I
should insert?
--
Jason Tang / tang at jtang.org / http://www.jtang.org
More information about the Dev
mailing list