[strongSwan] preloading client certificates
andreas.steffen at strongswan.org
Thu Oct 2 09:42:58 CEST 2014
there is no command to list all end entity certificates stored in
/etc/ipsec.d/certs. The only way is either to explicitly define
at least one connection
for each of the end entity certificates or to combine the private
and public key in a PKCS#12 file, store it in /etc/ipsec.d/private/
and load it explicitly via a
: P12 cert_x.p12 "<password>"
entry in /etc/ipsec.secrets.
On 10/02/2014 06:15 AM, cellkites at hushmail.com wrote:
> Is anyone able to tell me how I would pre-load all my clients pubkeys on
> a strongswan server?
> I've copied them to the /etc/ipsec.d/certs directory and restarted the
> daemon but "ipsec listcerts" still only lists the certificates that I
> have a private key for. Is there a particular directive that i need to
> set to have strongswan load all the public keys in this directory?
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
More information about the Users