[strongSwan-dev] getting to peer certificate from ike_sa_t in a eap-tls connection

Sach K sacho.polo at gmail.com
Tue Nov 27 08:09:41 CET 2018


Is there a way to get to the peer's certificate from an ike_sa_t pointer
for an eap-tls connection. I have a connection from a windows machine to
strongswan using eap-tls, but when I try to get the cert from an
enumeration of auth_cfg_t from the ike_sa, I do not see any rule that has
the cert. The same thing works well the windows connects using machine cert
without eap. I need the cert when the updown script is called in order to
get some fields from the cert. I am using strongswan 5.1.3 + patches.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20181126/dc81b102/attachment.html>

More information about the Dev mailing list