[strongSwan] A couple of offerings for the community
Derek Cameron
dcamero2016 at gmail.com
Mon Jan 28 11:10:27 CET 2019
I will look into changing local.ca to something more appropriate.
Originally I wanted to use p12 files with everything in them (CA cert,
client cert, client key), but this created messiness on the Windows
end. This is why I separated out the CA cert, with the client cert and
the client key going into a pfx file.
Regards,
Derek.
On Mon, Jan 28, 2019 at 1:32 AM Tobias Brunner <tobias at strongswan.org> wrote:
>
> Hi Derek,
>
> > (1) An IKEv2 profile importer for Windows 10, modeled on the
> > strongSwan profile importer for Android:
> > https://github.com/dcamero2016/vpn-importer
>
> Nice idea. local.ca is wrong, though, it's the CA certificate to verify
> the remote's certificate, it hasn't necessarily anything to do with the
> client's authentication or certificate (i.e. should be remote.ca, or
> remote.cert to keep it compatible with our format). And why change
> local.p12 to local.pfx? (It's still a PKCS#12 container, no?)
>
> Regards,
> Tobias
More information about the Users
mailing list