[strongSwan] preloading client certificates

Andreas Steffen andreas.steffen at strongswan.org
Fri Oct 3 08:28:39 CEST 2014

Hi Pete,

On 10/03/2014 02:31 AM, cellkites at hushmail.com wrote:
> Sorry, one more question.
> One my android peers I have a self gen CA preloaded and manually
> specified (i.e. select automatically is unticked), however looking at
> the logs I can see in the ike auth request they are requesting the
> responder send a copy of that cert. Why is that?
The certificate request is not for a copy of the root CA but for
a certificate *issued* by the requested root CA.



Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141003/4d953a75/attachment.bin>

More information about the Users mailing list