[strongSwan] Client certificates on Android client with strongSwan
martin at strongswan.org
Mon Aug 2 12:06:38 CEST 2010
> whether there is currently any way or future plans to allow key
> authentication instead of the username/password authentication?
In its current form, the configuration via the android plugin and the
front-end patch is limited to password authentication. We don't have any
fixed plans to extend it, but this doesn't mean that it won't happen.
> Particularly, I'd like to connect from android device using client
> certificates and micro SD card via SDIO as smartcard with signed key.
If your SDIO smartcard has a PKCS#11 driver, this shouldn't be too
difficult. Extended PKCS#11 support is in the pipeline and will be
merged for 4.4.2.
If not, attaching the smartcard is a little more work. I didn't find any
Application Specification for attaching smartcards via SDIO, though.
Although such a setup absolutely makes sense, it is a rather exotic. I
don't think we will do any work in this direction from ourselves. But we
provide commercial development services, if this is an option for you.
More information about the Users