[strongSwan-dev] load-authority request over VICI interface

Tobias Brunner tobias at strongswan.org
Mon Oct 2 09:55:21 CEST 2017

Hi Erick,

> However, I believe now I am supposed to issue the "load-authority" command to load that CA certificate.

You don't.  These options are only needed if you want to associate a CA
with e.g. a CDP that is not contained in the certificates, see [1].

> since I want to load the PEM data over VICI itself..

You pass such a blob in the `cacert` key.  The `file` key is to load
from an absolute path accessible by the daemon and `handle` (plus `slot`
and `module`) may be used to load the certificate from a smartcard or TPM.



More information about the Dev mailing list