Package: strongswan
Severity: wishlist
The strongswan package provides a convenient set of X.509 utility
functions in the ipsec utility
E.g. to generate an RSA keypair:
ipsec pki --gen --type rsa --size 4096
Many basic activities can be completed more easily with this utility
than with the full featured openssl or gnutls utilities.
However, it is probably possible to abstract this even further,
providing a wrapper script that does some of the following:
a) make a CA cert
b) make a gateway cert for a VPN server
c) make a road-warrior cert (with the option to export as PKCS#12)
d) make a CSR
e) respond to a CSR
The command lines for each of these operations would be workflow
oriented, for example,
easy-pki make-ca
easy-pki make-gateway-cert
easy-pki make-roadwarrior-cert --pkcs12-out
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
