[strongSwan] Multiple CA certs - why are all (not one) requested from a client?

Kostya Vasilyev kman at fastmail.com
Thu Mar 14 14:36:16 CET 2019


A quick question about CA certs in the context of cert based auth.

I've got two tunnels on the same server, like this, using different certificates (all of them, for each connection, are different from the other connection's). Reason: one client is strongSwan and supports EC certs, the other client only does RSA.

This one uses RSA certs:

connections {
	rsa_tunnel {
		local_addrs  = 139.0.0.1
		remote_addrs = 89.0.0.1
		version = 2
		proposals = aes128-sha256-ecp256

		local {
			auth = pubkey
			certs = lintun_server.crt
		}
		remote {
			auth = pubkey
			cacerts = lintun_CA.crt
		}
		children {
			xxx {
				local_ts  = dynamic[gre]
				remote_ts = dynamic[gre]

				mode = transport
				esp_proposals = aes128-sha256-ecp256
			}
		}
	}
}

And this one uses EC certs:

connections {
	ec_tunnel {
		local_addrs  = 139.0.0.1
		remote_addrs = 172.0.0.1
		version = 2
		proposals = aes128-sha256-ecp256

		local {
			auth = pubkey
			certs = ec_tunnel_server.crt
		}
		remote {
			auth = pubkey
			cacerts = ec_tunnel_CA.crt
		}
		children {
			zzz {
				mode = transport
				esp_proposals = aes128gcm128-x25519
			}
		}
	}
}

Now when strongSwan negotiates authentication, I see that it asks either client for either CA:

Mar 14 16:28:40 charon-systemd[12802]: sending cert request for "C=RU, O=RsaTunnel, OU=CA"
Mar 14 16:28:40 charon-systemd[12802]: sending cert request for "C=RU, O=EcTunnel, OU=CA"

It seems to me that at this point the server should already know which connection "block" it's dealing with - and so which CA cert it will need from the client.

One CA cert, not all CA certs in all configured connections, right?

Also does the above mean that either client can authenticate through either CA cert, even the other connection's?

-- 
Kostya Vasilyev
kman at fastmail.com