IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] x509 patch ... need ipsec.secrets?

From: Andreas Steffen (andreas.steffen_at_zhwin.ch)
Date: Thu Mar 14 2002 - 17:14:37 CET

Yes you need /etc/ipsec.secrets since it contains your private key
information either embedded directly (section 5.2) or as a filename
pointing to your private key file (section 5.1). You use the private
key to sign the last of the Main Mode messages, whereas the certificate
contained in /etc/x509cert.der is sent to the peer host so that it can
verify your signature.

Regards

Andreas

Doug Wilson wrote:
>
> I'm using (FreeS/WAN Version 1.96) including X.509 patch (Version
> 0.9.9). If I want to use the new authentication method based on CA
> certificates which is described in section 4.1 (
> http://www.strongsec.com/freeswan/install.htm#section_4.1 )
>
> do I even need /etc/ipsec.secrets files? Thanks!
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users

======================================================================
Andreas Steffen e-mail: andreas.steffen_at_zhwin.ch
Zuercher Hochschule Winterthur home: http://www.zhwin.ch/~sna/
CH-8401 Winterthur (Switzerland) phone: +41 76 340 25 56
===============================================================[ZHW]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:42 CEST