[strongSwan] Send CA certificates during the ISAKMP phase
Joern Mewes
joern.mewes at gmx.net
Mon May 21 20:34:58 CEST 2012
Hi,
Not sure if the below email went trough. Can someone please tell me if
its possible to configure pluto so send intermediate certificates during
the isakmp phase?
Thanks,
Joern
> Hello,
> Is there any way to configure pluto to send its intermediate (ca)
> certificate during the IKE phase? We are using a certificate chain
> (root-ca, sub1-ca, sub2-ca) and I observed that VPN peers having the
> certificates from sub1-ca cannot verify the strongswan certs issued by
> sub2-ca as strongswan sends the client certificate only.
> I read in https://lists.strongswan.org/pipermail/users/2011-January/005842.html
> that charon can do this but I am wondering if this is possible with
> pluto as well as we have to stick with IKEv1.
> Can you give a short hint how to configure this?
> Thanks and regards,
> Joern
--
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a
More information about the Users
mailing list