[Openswan Users] How to authenticate one user with multiple x.509 certificates ?
Greg Leclercq
ggregl at gmail.com
Fri Nov 24 08:02:34 EST 2006
Hi List,
IKEv2 RFC 4306 says (http://rfc.net/rfc4306.html#s3.7.):
"Implementations MUST be capable of being configured to send and
accept up to four X.509 certificates in support of authentication",
section 3.6, page 61 with this necessary condition " If multiple
certificates are sent, the first certificate MUST contain the public
key used to sign the AUTH payload.".
If I understand well, I can authenticate one user with multiple
certificates. Can I do that with OpenSWAN ? If yes, how (I have always
read http://www.openswan.org/docs/local/README.x509 but no clue there)
?
note: By multiple certificates, I mean within the same SA.
Thanks,
Cheers
--
.::[ Greg ]::.
More information about the Users
mailing list