[strongSwan-dev] Strongswan not sending complete certificate

Andreas Steffen andreas.steffen at strongswan.org
Mon Feb 16 12:17:43 CET 2015


Hi Akash,

by default strongSwan sends its certificate upon request
(leftcert=ifasked), i.e. only if a CERTREQ payload is received
from the peer. If you want your strongSwan endpoint to send its
certificate in any case then add

   leftsendcert=always

to the connection definition in /etc/ipsec.conf.

Best regards

Andreas

On 16.02.2015 06:41, Akash Deep wrote:
> Hi,
>
> Strongswan not sending complete certificate. Is there any method to send
> the complete certificate not just the DN field of the certificate?
>
> Regards,
> Akash

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150216/b608eaa8/attachment.bin>


More information about the Dev mailing list