[strongSwan] A couple of offerings for the community

Derek Cameron dcamero2016 at gmail.com
Mon Jan 28 11:10:27 CET 2019

I will look into changing local.ca to something more appropriate.

Originally I wanted to use p12 files with everything in them (CA cert,
client cert, client key), but this created messiness on the Windows
end. This is why I separated out the CA cert, with the client cert and
the client key going into a pfx file.



On Mon, Jan 28, 2019 at 1:32 AM Tobias Brunner <tobias at strongswan.org> wrote:
> Hi Derek,
> > (1) An IKEv2 profile importer for Windows 10, modeled on the
> > strongSwan profile importer for Android:
> > https://github.com/dcamero2016/vpn-importer
> Nice idea.  local.ca is wrong, though, it's the CA certificate to verify
> the remote's certificate, it hasn't necessarily anything to do with the
> client's authentication or certificate (i.e. should be remote.ca, or
> remote.cert to keep it compatible with our format).  And why change
> local.p12 to local.pfx?  (It's still a PKCS#12 container, no?)
> Regards,
> Tobias

More information about the Users mailing list