[strongSwan] strongSwan plugins - openssl and x509

Andreas Steffen andreas.steffen at strongswan.org
Wed Jul 11 11:18:36 CEST 2018

Hi Divya,

yes, if you don't need OCSP support then you can disable the
x509 plugin in the presence of the openssl plugin.



On 11.07.2018 11:08, divya mohan wrote:
> Hello,
> I found the below documentation at
> https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist
> openssl - Crypto backend based on OpenSSL, provides
> RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG
> x509 - Advanced X.509 plugin for parsing/generating X.509
> certificates/CRLs and OCSP messages
> One question here --
> Is usage of x509 certificates supported by both the above plugins?
> So, if I am enabling openssl plugin, can x509 plugin be disabled?
> My use case requires using x509 certificates, without  CRL or OCSP support.
> - Divya

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list