[strongSwan] Certificates in cacerts directory
Andreas Steffen
andreas.steffen at strongswan.org
Tue Feb 23 19:40:42 CET 2010
Hello Mugur,
ABULIUS, MUGUR (MUGUR) wrote:
> Hello Andreas
>
> Thank you for the clear explanation and example.
>
> General strongSwan question:
>
> Which among all certificates from "/etc/ipsec.d/cacerts/" strongSwan
> will choose to build the list of its trust anchors to be sent in its
> CERTREQ payload?
>
If rightca is specified then we only request certificates issued by
rightca. Otherwise we send certificate requests for all CAs contained
in /etc/ipsec.d/cacerts/, irrespective whether they are root or
intermediate CAs.
> Best Regards Mugur
Best regards
Andreas
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list