[Openswan Users] CERTREQ and ipsec.conf
david
david2005.p at gmail.com
Wed Aug 17 16:27:01 CEST 2005
Hi all,
On my IKE phase 1 authenticated with signatures I ve got this,
Init Resp
HDR, SA --->
<--- HDR, SA
HDR, KE, Ni --->
<--- HDR, KE, Nr
HDR*, IDii, [ CERT, CERTREQ ] SIG_I --->
<--- HDR*, IDir, [
CERT ] SIG_R
I want to add a "certicate request" on the message of the Responder, like this :
Init Resp
HDR, SA --->
<--- HDR, SA
HDR, KE, Ni --->
<--- HDR, KE, Nr, [ CERTREQ ]
HDR*, IDii, [ CERT, CERTREQ ] SIG_I --->
<--- HDR*, IDir, [
CERT ] SIG_R
the source code corresponding is present in the file
openswan/programs/pluto/ipsec_doi.c
but it seems to me that by default it is not used (?)
So is there a way to activate it with the ipsec.conf file ?
I don't know if I should better post this to the dev mailing list so ....
rgds , David
More information about the Users
mailing list