[strongSwan] Send CA certificates during the ISAKMP phase
joern.mewes at gmx.net
Mon May 21 20:34:58 CEST 2012
Not sure if the below email went trough. Can someone please tell me if
its possible to configure pluto so send intermediate certificates during
the isakmp phase?
> Is there any way to configure pluto to send its intermediate (ca)
> certificate during the IKE phase? We are using a certificate chain
> (root-ca, sub1-ca, sub2-ca) and I observed that VPN peers having the
> certificates from sub1-ca cannot verify the strongswan certs issued by
> sub2-ca as strongswan sends the client certificate only.
> I read in https://lists.strongswan.org/pipermail/users/2011-January/005842.html
> that charon can do this but I am wondering if this is possible with
> pluto as well as we have to stick with IKEv1.
> Can you give a short hint how to configure this?
> Thanks and regards,
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a
More information about the Users