[strongSwan] CA certificate in response to certificate request payload in x509 authentication
tobias at strongswan.org
Sat Apr 23 07:53:42 CEST 2016
> So is there a way to send the SHA-1 hashes of the public keys of CAs. Do
> we do that already?
Yes, that's what's contained in the CertReq payloads sent by strongSwan.
Unless rightsendcert=never is configured the daemon will send the
hashes of the public keys of all loaded CA certificates (if rightca is
configured only for that CA).
More information about the Users