[Swan] Wildcards in rightid DistinguishedName

Manfred mx2927 at gmail.com
Fri Feb 12 17:29:18 UTC 2021


Following the example in:

https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv2#ipsec.conf_for_IKEv2_Machine_Certificate_VPN_server

where it says:

> # optional rightid with restrictions
> # rightid="C=CA, L=Toronto, O=Libreswan Project, OU=*, CN=*, E=*"

I see that wildcards are allowed, but using "... CN=*.example.com" fails
to match "... CN=test.example.com".

As far as I can see only rightid="... CN=test.example.com" or 
rightid="... CN=*" may be used to match this DNS name.

Is there any way to match partial wildcards for DN components?

Thanks in advance for any clarification.
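
A small Python model of the matching behaviour reported in this post, added here as an illustration (it is not libreswan's code and not part of the original message). It assumes that `*` acts as a wildcard only when it is the entire value of a DN component and that components are compared in order; `parse_dn`, `dn_matches` and the sample subject are hypothetical and constructed.

```python
def parse_dn(dn):
    """Split 'C=CA, O=Example, CN=x' into [(TYPE, value), ...].

    Simplified on purpose: escaped commas and multi-valued RDNs are not handled.
    """
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr:
            raise ValueError(f"malformed DN component: {part!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns


def dn_matches(pattern, subject):
    """Return (matched, wildcards_used) for an ID pattern against a cert subject.

    Assumed rule (from the behaviour described in the post): a pattern value of
    exactly '*' matches any value; anything else, including '*.example.com',
    is compared as a literal string.
    """
    pat, sub = parse_dn(pattern), parse_dn(subject)
    if len(pat) != len(sub):
        return False, 0
    wildcards = 0
    for (p_attr, p_val), (s_attr, s_val) in zip(pat, sub):
        if p_attr != s_attr:
            return False, 0
        if p_val == "*":
            wildcards += 1          # whole-value wildcard
        elif p_val != s_val:
            return False, 0         # literal mismatch, '*' inside a value is not special
    return True, wildcards


# Constructed certificate subject for the demonstration.
SUBJECT = ("C=CA, L=Toronto, O=Libreswan Project, OU=VPN, "
           "CN=test.example.com, E=admin@example.com")
BASE = "C=CA, L=Toronto, O=Libreswan Project, OU=*, "

if __name__ == "__main__":
    for cn in ("CN=*", "CN=test.example.com", "CN=*.example.com"):
        pattern = BASE + cn + ", E=*"
        print(f"{cn:24} -> {dn_matches(pattern, SUBJECT)}")
```

The wildcard count is returned because a pattern with fewer wildcards pins more of the peer identity; a pattern that wildcards `CN` accepts every certificate that agrees on the remaining components.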


