[strongSwan] Is IKEv2 certificate binding to the hardware?
tefeng
tefeng.em at gmail.com
Thu Sep 18 18:53:08 CEST 2014
Hi, All,
I have been using strongswan 4.6.4 on my VPS and it worked well.
Recently I migrated it to another VPS (still 4.6.4 and the same
certificates copied from the previous VPS) but the vpn client (Agile VPN
Client in win7 or strongSwan VPN Client for android) with IKEv2
certificate didn't work except that IKEv1 certificate is OK with Cisco
VPN Client.
Is IKEv2 certificate binding to the hardware? If yes, then I have to
reproduce the certificates.
The 2nd question: Is it possible to substitute "ipsec pki --self ..."
for "ipsec pki --pub ..."? Because the command "--pub" only produces a
certificate with fixed 3 years lifetime and I want more.
Any recommendation would be really appreciated. Thank in Adv.
More information about the Users
mailing list