[strongSwan] Validating Local Host Own Certificate

Andreas Steffen andreas.steffen at strongswan.org
Thu Dec 7 08:37:34 CET 2017

Hi Jafar,

locally loaded certificates are always trusted.



On 07.12.2017 07:44, Jafar Al-Gharaibeh wrote:
> Hi,
>     I have noticed that when configuring the local certificate in a
> connection via :
>     leftcert=cert.pem
>    The certificate is loaded and trusted without validating it through
> CA/trust-chains. Is this behavior documented anywhere? digging through
> documentation I only found old email references  to this. Is this the
> expected behavior? Is there a way to force one's own certificate
> validation when loaded/used? i.e/ cert.pem above has to be validated
> through a CA tustchain.
> Thanks,
> Jafar

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4150 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171207/7b41c8e3/attachment.bin>

More information about the Users mailing list