[strongSwan] About leftca and rightca
ABULIUS, MUGUR (MUGUR)
mugur.abulius at alcatel-lucent.com
Tue Jul 13 09:08:20 CEST 2010
Hello,
For left|rightca the ConnSection documentation says:
"the distinguished name of a certificate authority which is required to lie in the trust
path going from the left|right participant's certificate up to the root certification authority."
Can you confirm please that the "rightca" is the distinguished name of the CA used by
the local system to designate its unique trust anchor via the CERTREQ payload? If
this assumption is true, can you please confirm that a certificates whose SubjectName
having the same value as "rightca" must reside in "/etc/ipsec.d/cacerts/"?
I am not able to figure out the exact meaning of "leftca" and how it is used by strongSwan
in the authentication process and within the IKE_AUTH message exchange (if ever).
Best Regards
Mugur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100713/1e658827/attachment.html>
More information about the Users
mailing list