Hi Marc, certificates and keys are always loaded from separate files (with the exemption of PKCS#12 containers). The certificates are loaded via leftcert|rightcert entries in ipsec.conf and keys are loaded via RSA|ECDSA entries in ipsec.secrets. The matching of certs and keys is done automatically by the strongSwan daemon.
Regards Andreas On 26.01.2018 15:01, Marc Roos wrote:
Is it possible to specify separate files for the crt and key? Something like leftcert=moonCert.crt leftkey=moonCert.key ??? conn rw-eap left=192.168.0.1 leftsubnet=10.1.0.0/16 leftid=@moon.strongswan.org leftcert=moonCert.pem leftauth=pubkey leftfirewall=yes rightid=*@strongswan.org rightauth=eap-md5 rightsendcert=never right=%any auto=add
-- ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature