[strongSwan] Limiting a connection to a specific CA?
Ruel, Ryan
rruel at akamai.com
Tue Oct 13 11:48:55 CEST 2015
Assume that you have configured two separate IPsec connections in ipsec.conf. Each client is authenticating via certificates, one to the first connection and the other to the second.
If the clients are using certificates signed by private (but different) CA’s, is there anyway currently to limit validation for each connection to a specific root CA?
From what I understand, all root CA’s are checked until a match is found?
I’m wondering if there’s a way to limit the trust chain for each connection to just one CA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151013/61af4915/attachment.html>
More information about the Users
mailing list