[strongSwan] Strongswan Configuration Question

Edward Morris edmorris at gossamersec.com
Wed Apr 23 17:14:43 CEST 2014


Hello,

I wish to test a VPN Client's ability to handle an invalid ID.  While using
strongswan, the logs showed an error message of " id '<fqdn>' not confirmed
by certificate, defaulting to '<cert_subject>' ".

I found from an earlier strongSwan mailing list response that "If both
leftid and leftcert are specified, leftid has to match the subject or one of
the subjectAltNames of the certificate, otherwise it defaults back to the
subject".  

However, in my case, I intentionally desire such a mismatch, so I searched
for any configuration option to allow this.  I believe that no such
configuration option exists and that a patch to the source would be needed,
correct?

Thanks
Ed