[strongSwan] decoupling server's leftid and server's certificate

Martin Willi martin at strongswan.org
Tue Sep 25 09:18:32 CEST 2012


Hi Robert,

> How can we make the server decouple its leftid and its certificate as
> in the sample ipsec.conf above?

The best way to let your gateway act with different identities, but the
same certificate, is to use subjectAltNames. If your certificate
contains subjectAltNames for all your gateway identities, the identity
can be used for selecting a configuration.

> Does this violate any specifications/standards?

Yes, see [1]. There are serious security implications if the peer
identity is decoupled from the certificate: The peer identity in the ID
payload is used to lookup policies. If any certificate can be used to
authenticate any identity, an attacker with any valid certificate (and
the associated private key) can impersonate everybody else (e.g. a
client can act as a gateway).

You may try the patch at [2] and set the strongswan.conf option
charon.cert_id_binding to no. However, do it only if you really
understand the implications.

Regards
Martin

[1]http://tools.ietf.org/html/rfc4945#section-3.1.2
[2]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=7f03c277







More information about the Users mailing list