[Openswan Users] How to authenticate one user with multiple x.509 certificates ?

Greg Leclercq ggregl at gmail.com
Fri Nov 24 08:02:34 EST 2006

Hi List,

IKEv2 RFC 4306 says (http://rfc.net/rfc4306.html#s3.7.):
"Implementations MUST be capable of being configured to send and
accept up to four X.509 certificates in support of authentication",
section 3.6, page 61 with this necessary condition " If multiple
certificates are sent, the first certificate MUST contain the public
key used to sign the AUTH payload.".

If I understand well, I can authenticate one user with multiple
certificates. Can I do that with OpenSWAN ? If yes, how (I have always
read http://www.openswan.org/docs/local/README.x509 but no clue there)

note: By multiple certificates, I mean within the same SA.

.::[ Greg ]::.

More information about the Users mailing list