[Openswan Users] query
Paul Wouters
paul at xelerance.com
Mon Feb 15 10:03:32 EST 2010
On Mon, 15 Feb 2010, neeraj goyal wrote:
> Does each ipsec peer should have other ipsec peer certificate before starting ipsec. or other peer will send during
> connection time????
That depends on your configuration. See 'man ipsec.conf' and specifically
the sections on "leftsendcert" and "leftca".
If you are not using a CA, you should really just put the cert on both ends.
If you are using a CA, you should let leftsendcert= send it for you.
Paul
More information about the Users
mailing list