Hello, I am trying to establish ipsec tunnel using certificate authentication. I am using strongswan 5.1.1 on both the peers.
I have configured leftid parameter in ipsec.conf to be leftid = <subject Altname from certificate> Here subject Altname is the FQDN. On both the peers I have configured left id as above. IKE_AUTH happens and tunnel gets established. However in IDi payload, Subject Altname is not going, instead Full Subject name is exchanged. Can u please let me know the reason behind this ? In between I saw the below log, 2014-08-14T13:12:29+00:00 (none) charon: 05[CFG] id '123456789...@abc.com' not confirmed by certificate, defaulting to 'C=IN, ST=KAR, L=BLR, O=ABC,OU=Networking, CN=123456789ABC.. How to overcome this situation ? Regards, Sriram
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
