Hi Sameer,
> So is there a way to send the SHA-1 hashes of the public keys of CAs. Do
> we do that already?
Yes, that's what's contained in the CertReq payloads sent by strongSwan.
Unless rightsendcert=never is configured the daemon will send the
hashes of the public keys of all loaded CA
Thanks Tobias
So is there a way to send the SHA-1 hashes of the public keys of CAs. Do we
do that already? If not, is there a way to enable it?
On Fri, Apr 22, 2016 at 12:47 AM, Tobias Brunner
wrote:
> Hi Sameer,
>
> > The issue I am facing is the peer is request CA
Hi Sameer,
> The issue I am facing is the peer is request CA certificate in its
> certificate request payload in the message.
A certificate request payload contains the SHA-1 hashes of the public
keys of CAs a peer accepts (or prefers) end-entity certificates from.
It's not a request to
--On Sunday, March 15, 2009 09:29:16 AM +0100 Daniel Mentz
danielml+mailinglists.strongs...@sent.com wrote:
http://sandbox.rulemaker.net/ngps/m2/howto.ca.html
I did not check it in detail and there might be better sites. But I
think if you mix the information you get from this site with
Gbenga wrote:
Here is a good site on how to work OpenSSL:
http://www.madboa.com/geek/openssl/
Well, this site seems to have lots of information about OpenSSL although
it does not describe how to set up a CA. I did a web search and found
the following site
: Re: [strongSwan] CA
You can create all certificates, keys etc. on one machine. As soon as
you're done with creating all certificates you copy the appropriate
files to the corresponding machines.
Search the web for a detailed tutorial on how to create a CA and issue
certificates with OpenSSL
hello..
plz tell me how to create host certificate and key.
this how i have done in the case of host-host case:
1. created strongswanCert.pem, strongswanKey.pem [at moon] using the README
file.
2. then i pasted strongswanCert.pem, strongswanKey.pem at sun.
3. created hostCert.pem, hostReq.pem