Following the example in: https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv2#ipsec.conf_for_IKEv2_Machine_Certificate_VPN_server
where it says:
# optional rightid with restrictions # rightid="C=CA, L=Toronto, O=Libreswan Project, OU=*, CN=*, E=*"
I see that wildcards are allowed, but using "... CN=*.example.com" fails to match "... CN=test.example.com"
As far as I can see only rightid="... CN=test.example.com" or rightid="... CN=*" may be used to match this DNS name.
Is there any way to match partial wildcards for DN components? Thanks in advance for any clarification. _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
