[strongSwan] ikev1 mutual certificate authentication

WorkingMan signup_mail2002 at yahoo.com
Mon Sep 30 21:30:54 CEST 2013


I would like to understand how the mutual certificate verification is done in 
strongswan (I understand EAP-TLS is a strong mutual certificate authentication 
and it needs to go back and forth a few time between the two parties)

configuration used:

leftauth= pubkey
rightauth= pubkey

Based on the log it says:

authentication of <client DN> with RSA successful
authentication of <server DN> (myself) successful

Can you explain exactly the certificate flow since it's all happening on 
server side?

I assume ca.pem can validate client certificate. What does the "(myself)" part 
do to validate itself? I would like to understand that so I can justify our 

Thanks, much appreciated

More information about the Users mailing list