[strongSwan] Certificates in cacerts directory
ABULIUS, MUGUR (MUGUR)
mugur.abulius at alcatel-lucent.com
Wed Feb 24 11:05:28 CET 2010
> You can check this behaviour in our sample scenario
In the example the < ca section > for moon specifies the CA's certificate with "cacert=" (almost all other examples do not use "cacert=").
Why "cacert=" is necessary? Which will be the behaviour if "cacert=" is not specified (for strongSwan and IKEv2 exchanges point of view)?
In the example the moon's certificate happens to be signed by a self-signed root certificate. In general, does "cacert=" specify the CA's certificate or the root's certificate (in case is not the same)?
More information about the Users