[Swan] IPSec PKI based policy requirement.
madhanrajrm at gmail.com
Thu Apr 22 17:24:38 UTC 2021
Hi Swan users,
My libreswan version is libreswan-3.25-9.1.el7.x86_64
and my public key has the below XU and EXU extensions currently
X509v3 Key Usage:
Digital Signature, Key Encipherment, Data Encipherment,
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client
Authentication, IPSec End System
X509v3 Subject Key Identifier:
X509v3 Basic Constraints: critical
So i wan't to know does libreswan really need the Key Encipherment &
IPSec End System XKU to bring up the IKE connection ?
It would be great if I can get the recommended XU and EXU in the public key
to bring up an ipsec connection up and running.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Swan