Re: [strongSwan] CA certificate in response to certificate request payload in x509 authentication

2016-04-22 Thread Tobias Brunner
Hi Sameer, > So is there a way to send the SHA-1 hashes of the public keys of CAs. Do > we do that already? Yes, that's what's contained in the CertReq payloads sent by strongSwan. Unless rightsendcert=never is configured the daemon will send the hashes of the public keys of all loaded CA

Re: [strongSwan] CA certificate in response to certificate request payload in x509 authentication

2016-04-22 Thread Sameer Agrawal
Thanks Tobias So is there a way to send the SHA-1 hashes of the public keys of CAs. Do we do that already? If not, is there a way to enable it? On Fri, Apr 22, 2016 at 12:47 AM, Tobias Brunner wrote: > Hi Sameer, > > > The issue I am facing is the peer is request CA

Re: [strongSwan] CA certificate in response to certificate request payload in x509 authentication

2016-04-22 Thread Tobias Brunner
Hi Sameer, > The issue I am facing is the peer is request CA certificate in its > certificate request payload in the message. A certificate request payload contains the SHA-1 hashes of the public keys of CAs a peer accepts (or prefers) end-entity certificates from. It's not a request to

Re: [strongSwan] CA

2009-03-16 Thread Dirk Hartmann
--On Sunday, March 15, 2009 09:29:16 AM +0100 Daniel Mentz danielml+mailinglists.strongs...@sent.com wrote: http://sandbox.rulemaker.net/ngps/m2/howto.ca.html I did not check it in detail and there might be better sites. But I think if you mix the information you get from this site with

Re: [strongSwan] CA

2009-03-15 Thread Daniel Mentz
Gbenga wrote: Here is a good site on how to work OpenSSL: http://www.madboa.com/geek/openssl/ Well, this site seems to have lots of information about OpenSSL although it does not describe how to set up a CA. I did a web search and found the following site

Re: [strongSwan] CA

2009-03-14 Thread Gbenga
: Re: [strongSwan] CA You can create all certificates, keys etc. on one machine. As soon as you're done with creating all certificates you copy the appropriate files to the corresponding machines. Search the web for a detailed tutorial on how to create a CA and issue certificates with OpenSSL

[strongSwan] CA

2009-03-12 Thread abhishek kumar
hello.. plz tell me how to create host certificate and key. this how i have done in the case of host-host case: 1. created strongswanCert.pem, strongswanKey.pem [at moon] using the README file. 2. then i pasted strongswanCert.pem, strongswanKey.pem at sun. 3. created hostCert.pem, hostReq.pem