[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: [strongSwan] FW: Query on IKEv1 certificate request payload .
From: "Vinay Prabhakar M" <vinay.prabhakar.ext () nsn ! com>
Date: 2013-11-29 16:38:08
Message-ID: 058501ceed1f$b66c19f0$23444dd0$ () nsn ! com
[Download RAW message or body]
This is a multipart message in MIME format.
[Attachment #2 (multipart/alternative)]
Hi,
Adding the ipsec.conf file.
Thanks,
Vinay
From: Vinay Prabhakar M [mailto:vinay.prabhakar.ext@nsn.com]
Sent: Thursday, November 28, 2013 2:04 PM
To: 'users@lists.strongswan.org'
Subject: FW: Query on IKEv1 certificate request payload .
Hi Martin,
In IKEv1 main mode negotiation we noticed that, the certificate request
payload did not have Certificate Authority Data.
We checked the ipsec.conf strongswan documentation and we did not find any
specific setting required for this certificate other than including the
required CA cert in /ipsec.d/cacerts/ , X.509 end entity certificates in
/ipsec.d/certs and the private key in /ipsec.d/private/.
Could you please let me know if this is as expected or if anything
specific needs to be changed to get this working with the appropriate
Certificate Authority Data? I am currently using strongswan version 4.5.3.
Thanks,
Vinay
[Attachment #5 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type \
content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 \
(filtered medium)"><style><!-- /* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Courier New";
color:windowtext;
font-weight:normal;
font-style:normal;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Courier New";
color:#1F497D;
font-weight:normal;
font-style:normal;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Courier New";
color:#1F497D;
font-weight:normal;
font-style:normal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div \
class=WordSection1><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'>Hi,<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New";color:#1F497D'>Adding the \
ipsec.conf file. <o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'>Thanks,<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'>Vinay<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier \
New";color:#1F497D'><o:p> </o:p></span></p><div><div \
style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p \
class=MsoNormal><b><span \
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span \
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Vinay Prabhakar M \
[mailto:vinay.prabhakar.ext@nsn.com] <br><b>Sent:</b> Thursday, November 28, 2013 \
2:04 PM<br><b>To:</b> 'users@lists.strongswan.org'<br><b>Subject:</b> FW: Query on \
IKEv1 certificate request payload .<o:p></o:p></span></p></div></div><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'>Hi </span> <span \
style='font-size:10.0pt;font-family:"Courier New"'>Martin,<o:p></o:p></span></p><p \
class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier \
New"'><o:p> </o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'>In IKEv1 main mode negotiation we \
noticed that, the certificate request payload did not have Certificate Authority \
Data. <o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'> We checked the ipsec.conf \
strongswan documentation and we did not find any specific setting required for this \
certificate other than including the required CA cert in /ipsec.d/cacerts/ , X.509 \
end entity certificates in /ipsec.d/certs and the private key in /ipsec.d/private/. \
<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'> Could you please let \
me know if this is as expected or if anything specific needs to be changed to get \
this working with the appropriate Certificate Authority Data? I am currently using \
strongswan version 4.5.3.<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'><o:p> </o:p></span></p><p \
class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier \
New"'>Thanks,<o:p></o:p></span></p><p class=MsoNormal><span \
style='font-size:10.0pt;font-family:"Courier New"'>Vinay<o:p></o:p></span></p><p \
class=MsoNormal><o:p> </o:p></p></div></body></html>
["ipsec.conf" (application/octet-stream)]
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic