[Swan] how/where to configure list of 'valid' certs
Paul Wouters
paul at nohats.ca
Sun Jan 14 16:18:19 EET 2024
You use rightid= and match using x509 wildcards. Eg place those you want to connect in the same Organizarional Unit OU=foo and match the variable part with *, eg CN=*
Sent using a virtual keyboard on a phone
> On Jan 14, 2024, at 08:30, Marc <Marc at f1-outsourcing.eu> wrote:
>
>
> Currently I am using
> rightca="Example CA"
>
> I would expand this with only a list of certificates that is allowed to connect. How/where/what is best to do this? Can this list be documented in the secrets file?
>
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
More information about the Swan
mailing list