[strongSwan] regarding strongswan certificates path across network namespaces

Samanvitha Bhargav samanvitabhargav at gmail.com
Fri Jun 10 08:10:27 CEST 2016


I am using strongswan-5.0.1.tar.gz and across different network namespaces.

 I configured it with the sysConf directory as /etc/ipsec/ike2/
(./configure --sysconfdir=/etc/ipsec/ike2/).

 So now the certificates directory is expected by charon to be at
/etc/ipsec/ike2/ipsec.d for default namespace and in
/etc/netns/netnsName/ipsec/ike2/ipsec.d for namespace specific(this is
because /etc and /etc/netns/netnsName/ are bindmounted for namespaces).

This requires me to copy the certificates to namespace specific certificate
path everytime a new namespace is created.

So could anyone suggest me a work around for this so that my certificate
files can be placed at a single place and Charon accesses it only from
there for both default and non-default namespace. Is there any such
configure options I could include to specify the certificates path?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160610/6c726b43/attachment.html>

More information about the Users mailing list