[strongSwan] Certificate request payload with empty CA name

Martin Willi martin at strongswan.org
Mon Sep 30 10:42:49 CEST 2013


> * is there a way to make strongswan to send a "certreq" payload with
> empty CA name field ? I could think of any parameter to make strongswan
> to do this.

No, there is no such option.

strongSwan (5.x) either includes a single CERTREQ if you have a rightca,
or it sends a CERTREQ for each trusted root CA if no rightca is set.

> * How will strongswan behave when it receives such certreq payload ?

It just ignores such a CERTREQ.


More information about the Users mailing list