[strongSwan] Programmatically create/remove connections via the networkmanager plugin?

[reeuwijk]

Hi,

I'm looking for an simple and reliable solution for creating and removing arbitrary strongSwan connections from a program, or at least from the command line. That is, I do not want to activate or deactivate one of the entries in the Strongswan configuration files, but rather I want to create a tunnel to an arbitrary node with arbitrary parameters.

I understand that directly using the strongSwan command line tools for this is not possible, but I recently realised that I might be able to use the networkManager plugin for this. Ideally I would like to do this from a Java program, but I'm willing to compromise on this. Would any of these solutions work:

- Talk to networkManager from Java via some kind of dBus library (I hope it exists).
- Invoke the nmcli tool from Java.
- Write a Python script to talk to networkManager, and invoke that from Java.
- Anything else?

One issue is that I need to provide a certificate for each tunnel. I get the impression that as long as I store that certificate in a file somewhere, this will work, but I'm not sure exactly what I need to do.

Does anyone have experience with this? Is it possible in theory? Other thoughts?

Thanks for your help with this!

-- 
Dr. Ir. Kees van Reeuwijk, Vrije Universiteit Amsterdam