[strongSwan] question about rightca

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Tue Sep 5 13:33:59 CEST 2017


Hi,

> a matching root CA by default

What do you mean with that? charon always authenticates the certificates. You can't turn that off.

Kind regards

Noel

On 05.09.2017 13:27, Harald Dunkel wrote:
> Hi folks,
>
> the documentation says for left|rightca:
>
> %same means that the value configured for the other participant 
> should be reused.
>
>
> Please note the "configured". How can I tell charon to do require
> a matching root CA by default, without explicitly configuring the 
> peer's CA?
>
>
> I am not sure if this approach would be reasonable. Is it? Every 
> helpful comment is highly appreciated
>
> Harri

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170905/9e467e4f/attachment.sig>


More information about the Users mailing list