[strongSwan-dev] getting to peer certificate from ike_sa_t in a eap-tls connection

Tobias Brunner tobias at strongswan.org
Wed Nov 28 11:39:52 CET 2018


> Is there a way to get to the peer's certificate from an ike_sa_t pointer
> for an eap-tls connection.

No, there isn't.  The auth_cfg_t used in the TLS library (tls_peer_t,
via eap-tls plugin), which stores the certificate, is never merged with
that used for IKE.


More information about the Dev mailing list