On 03/11/2017 02:47 PM, Simon McFarlane wrote: > Any isakmpd experts know how I might make this work? They can give me a > client cert > with an arbitrary subjectaltname if that would fix it. Would they need to add > a > subjectaltname field to their server cert?
We toyed around with this, and after getting the correct SAN, something still gets hung up at the same place, despite the certificate being loaded. At this point, I'd just like to get host key auth working, which the man page says should eschew the need for certificates, but isakmpd still doesn't even seem to look at anything in the pubkeys folder.