[strongSwan] Client certificates on Android client with strongSwan

Martin Willi martin at strongswan.org
Mon Aug 2 12:06:38 CEST 2010

Hi Juraj,

> whether there is currently any way or future plans to allow key
> authentication instead of the username/password authentication?

In its current form, the configuration via the android plugin and the
front-end patch is limited to password authentication. We don't have any
fixed plans to extend it, but this doesn't mean that it won't happen.

> Particularly, I'd like to connect from android device using client
> certificates and micro SD card via SDIO as smartcard with signed key.

If your SDIO smartcard has a PKCS#11 driver, this shouldn't be too
difficult. Extended PKCS#11 support is in the pipeline and will be
merged for 4.4.2.
If not, attaching the smartcard is a little more work. I didn't find any
Application Specification for attaching smartcards via SDIO, though.

Although such a setup absolutely makes sense, it is a rather exotic. I
don't think we will do any work in this direction from ourselves. But we
provide commercial development services, if this is an option for you.

Best regards

More information about the Users mailing list