[strongSwan] enforcement of rightca2 for eap-tls connections
Sach K
sacho.polo at gmail.com
Thu Feb 7 22:33:26 CET 2019
Hi Tobias,
Thank you for your reply.
Rightca does not work either. If I use rightca, the authentication seems to
fail always, even though the certificate hierarchy is correct.
Rightca works when I dont use eap-tls. The constraint is correctly enforced.
-sk
On Wed, Feb 6, 2019 at 5:10 AM Tobias Brunner <tobias at strongswan.org> wrote:
> Hi,
>
> > Is
> > righhtca2 supposed to work with eap-tls and eap-identity connections?
>
> rightca2 is for a second authentication round. Which is not what
> happens with EAP-TLS (unless you actually use it in a second round after
> e.g. a regular pubkey authentication). So maybe try rightca instead.
>
> Regards,
> Tobias
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190207/624d82cd/attachment.html>
More information about the Users
mailing list