[Openswan Users] Openswan 2.1.1 not sending certificates (fwd)

Michael Richardson mcr at sandelman.ottawa.on.ca
Thu Apr 1 12:58:00 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Marcus" == Marcus Better <marcus at dactylis.com> writes:
    Marcus> You are right, I did not have "rightca". Will try.

    Marcus> However, since "right" is the security gateway I am not
    Marcus> interested in authorizing the connection through the CA
    Marcus> (since that would allow connecting to anyone with a cert
    Marcus> signed by the same CA), but rather with a certain ID
    Marcus> (FQDN). Perhaps I will try again and see if I can make it
    Marcus> work.

  rightca= tells the system what CA it is using.
  It doesn't authorize anything from that CA, AFAIK.

  To do that, you need to something in rightid, if I'm not mistaken.
  Well, perhaps Paul will write better documentation soon.

- --
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQGxKF4qHRg3pndX9AQGnOwP8Ck+WooPtL3TSR94aXE+T6h4R2GNuXQfn
whk33AwClxEDrMzwcj1T6c2qAc16PLisHzw5fJGLprfOX7Ib0BB78T1R7Yt7B+YK
3t8FKCdloWJmHGOl3opwh0bOo11ejQJWUqq3Nd2nykxIl+5tan4D26Hc0OdH2uUz
/zxL5YPbJqo=
=p3BE
-----END PGP SIGNATURE-----


More information about the Users mailing list