[Swan] host-host tunnel using Certificates !
John Crisp
jcrisp at safeandsoundit.co.uk
Thu Nov 30 10:08:55 UTC 2017
On 30/11/17 08:01, Kesava Vunnava (kesriniv) wrote:
>
> As per the documentation of libreswan , it looks pluto should be
> referring to nss db for Private Keys , Certs . Looks we were missing
> some configuration here.
>
> Please let me know the needed configuration .
>
I'm no guru on this but in my configs I have these extra settings:
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
leftcert="left cert"
rightcert="right cert"
leftid=%fromcert
rightid=%fromcert
They may not all be required but may help you nail down the problem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20171130/7235d9f8/attachment.sig>
More information about the Swan
mailing list