[strongSwan] [Strongswan] SubjectAltname given in leftid not going in IDi payload
Sriram
sriram.ec at gmail.com
Thu Aug 14 17:08:56 CEST 2014
Hello,
I am trying to establish ipsec tunnel using certificate authentication. I
am using strongswan 5.1.1 on both the peers.
I have configured leftid parameter in ipsec.conf to be
leftid = <subject Altname from certificate>
Here subject Altname is the FQDN.
On both the peers I have configured left id as above.
IKE_AUTH happens and tunnel gets established. However in IDi payload,
Subject Altname is not going, instead Full Subject name is exchanged.
Can u please let me know the reason behind this ? In between I saw the
below log,
2014-08-14T13:12:29+00:00 (none) charon: 05[CFG] id '123456789ABC at abc.com'
not confirmed by certificate, defaulting to 'C=IN, ST=KAR, L=BLR,
O=ABC,OU=Networking, CN=123456789ABC..
How to overcome this situation ?
Regards,
Sriram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140814/68490c61/attachment.html>
More information about the Users
mailing list