[strongSwan-dev] Monitoring certificate per ip
andreas.steffen at strongswan.org
Sun Aug 3 09:24:15 CEST 2014
you could write your own monitoring plugin along the lines of the
where a bus listener collects the certificates used and checks them
for the expiration date.
In your case you could store the received peer certificates together
with the corresponding IKE identities in a local file or send the
information over a network socket.to a proxy server.
On 08/02/2014 08:05 PM, The supervisor wrote:
> I'm new to strongswan and i am trying to achieve something that
> shouldn't be very hard, i have the following setup :
> Clients --> Strongswan VPN --> transparent proxy --> Internet.
> Clients connect to strongswan vpn using client certificate.
> I'm trying to find the simplest way (minimum code changes) to know which
> client uses which certificate (and then to send this information to my
> transparent proxy, or just print it to a file).
> For example, when client with ip 10.1.0.1 connected using certificate X,
> i want to send to my proxy a message about it.
> I downloaded and compiled the code, but i don't know really where to
> start, If someone could point me to the relevant code modules i would
> very appreciate it, also any general explanation about how to achieve
> my goal would be helpful also.
> Thanks in advanced,
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
More information about the Dev