Hi Marc, certificates and keys are always loaded from separate files (with the exemption of PKCS#12 containers). The certificates are loaded via leftcert|rightcert entries in ipsec.conf and keys are loaded via RSA|ECDSA entries in ipsec.secrets. The matching of certs and keys is done automatically by the strongSwan daemon.
Regards Andreas On 26.01.2018 15:01, Marc Roos wrote:
Is it possible to specify separate files for the crt and key? Something
like
leftcert=moonCert.crt
leftkey=moonCert.key ???
conn rw-eap
left=192.168.0.1
leftsubnet=10.1.0.0/16
leftid=@moon.strongswan.org
leftcert=moonCert.pem
leftauth=pubkey
leftfirewall=yes
rightid=*@strongswan.org
rightauth=eap-md5
rightsendcert=never
right=%any
auto=add
-- ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
