Hi, all.
While we transition from certificates signed by our expiring internal
CA, I'd like to be able to use client certificates signed by either the
old or new CA for VPN access.
The manpage is a little sparse on details; the only reference is under
leftca referring to possible counterexamples to using rightca=%same.
So... can leftca/rightca take multiple values? Can there be multiple
parallel connection definitions with different certificates/CAs for the
same functionality? Or something else entirely?
Thanks!
--
Nels Lindquist
[email protected]
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
