Hi John,
> We would like to have tunnel
> established even if responder send us a certificate which is signed by
> unknown root ca. Is this possible to achieve that in strongswan?
Not without code changes.
Regards,
Tobias
Hello all,
I know this is security issue but because of some other factors in one
particular case during setup we consider disabling root ca checking in
strongswan during tunnel establishement process. In other words: strongswan
is an IKEv2 initiatior. We would like to have tunnel established even
