[strongSwan] Validating Local Host Own Certificate
Andreas Steffen
andreas.steffen at strongswan.org
Thu Dec 7 08:37:34 CET 2017
Hi Jafar,
locally loaded certificates are always trusted.
Regards
Andreas
On 07.12.2017 07:44, Jafar Al-Gharaibeh wrote:
> Hi,
>
> I have noticed that when configuring the local certificate in a
> connection via :
>
> leftcert=cert.pem
>
> The certificate is loaded and trusted without validating it through
> CA/trust-chains. Is this behavior documented anywhere? digging through
> documentation I only found old email references to this. Is this the
> expected behavior? Is there a way to force one's own certificate
> validation when loaded/used? i.e/ cert.pem above has to be validated
> through a CA tustchain.
>
> Thanks,
> Jafar
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4150 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171207/7b41c8e3/attachment.bin>
More information about the Users
mailing list