[strongSwan] CA certificate in response to certificate request payload in x509 authentication

Tobias Brunner tobias at strongswan.org
Sat Apr 23 07:53:42 CEST 2016

Hi Sameer,

> So is there a way to send the SHA-1 hashes of the public keys of CAs. Do
> we do that already?

Yes, that's what's contained in the CertReq payloads sent by strongSwan.
 Unless rightsendcert=never is configured the daemon will send the
hashes of the public keys of all loaded CA certificates (if rightca is
configured only for that CA).


More information about the Users mailing list