vivek bairathi wrote: > Actually my problem is I can't specify the directory. I don't want the > files for cacert to be picked from /etc/ipsec.d/cacerts/. I can only > specify filename as many other files are going to be there in that > directory, so for that I need the entry in ipsec.conf in the way I have > written.
Try defining a ca section for each CA certificate: http://wiki.strongswan.org/wiki/strongswan/CaSection This does not require you to store the certificates in /etc/ipsec.d/cacerts/. You can store them in other locations. Is that an option for you? > ca Plane > cacert=/home/vivek/RootCert1.pem,/home/vivek/RootCert2.pem > crluri=/home/vivek/crl.pem > auto=add > Is this not possible? I guess you can specify only a single file as cacert. > Is there no way to mention file names for all ca certs in ipsec.conf ? I guess not. > Is it possible to change the code to made this thing possible? Sure. You can always change the code. Using --sysconfdir= when running ./configure might be an option. But then strongSwan also looks for ipsec.conf in a different directory. -Daniel _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
