[Openswan Users] Multiple X.509 certs

Jacco de Leeuw jacco2 at dds.nl
Sat Jun 4 11:46:23 CEST 2005

Bob Balsover wrote:

> I am using Openswan on Fedora core 3, I have successfully connected to 
> one host using l2tp and ipsec, but when I attempt to connect to a 
> different Linux host on a different domain configured with identical 
> software it cannot negotiate an ipsec connection.  From /var/log/secure 
> I can see that the Windows XP Pro sp2 machine is using the wrong X.509 
> cert; the first one that was installed.  Is there something that I can 
> configure on the Linux machine so that it encourages Windows XP to use 
> the correct cert when negotiating a connection?

I was contacted about this a few times but I did not encounter the
problem myself. So I looked into this and wrote a small note about it:


If you have better things to do with your time :-) then the quick solution
would be to add the following line to your config:


Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list