[Openswan Users] Re: Openswan with X.509 signed by different CAs

WADA Masahiro wadaman at isl.nara.sharp.co.jp
Thu Dec 9 13:38:01 CET 2004

Jacco wrote:

> If I remember correctly, the Microsoft documentation says that
> both sides MUST be using certificates from the same CA.

I have never heard such information.
If someone know its document, please tell me.

> Unless you are a
> third-party IPsec client and not the native IPsec implementation?

I tested native IPsec client on WindowsXP and Windows2000.
The certificate for XP is signed by the VeriSign,
and the other for 2000 is signed by the openssl private CA.
They could be connected each other.

Masahiro Wada

More information about the Users mailing list