[Openswan Users] IPSec and Certificates
t.henneberger at hcs-computer.de
t.henneberger at hcs-computer.de
Tue Feb 1 14:27:01 CET 2005
Hello there
I am currently trying to establish a connection using x.509 Certificates, and I
seem to do something wrong.
I think I may have missunderstood the basic principles. Please read on
to see if I got it right ;)
Lets say we have a VPN-server (listening for incoming connections) and a
client (innitiating the connection).
In order to use x.509 to authenticate and encrypt the connection, both
sides need to have a Certificate from a CA both know, right?
Now comes the part I am unsure about:
Do both ends have to use the same Cerftificate, or is it enough when
both sides have a Certificate which is signed by the above CA?
I read tons of HowTos and Documents, but I just could not find
a simple discreption of the Authentication-Process. I don't even know
who transfers his Public-Key first, the Client or the Server. A good link
describing this process would be very very helpful.
Thank you for your time.
T. Henneberger
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20050201/0c234c32/attachment.htm
More information about the Users
mailing list