From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Tue Oct 29 2002 - 09:29:23 CET
This applies only if you load the certificate locally by
using
[right|left]cert=
In this case the distinguished subject name of the certificate is
automatically assigned to [right|left]id. This can be overrun
by a [right|left]id defining one of the subjectAltNames contained
in the certificate as the ID.
Regards
Andreas
martin f krafft wrote:
> also sprach Andreas Steffen <andreas.steffen_at_strongsec.net> [2002.10.29.0824 +0100]:
>
>>2) Specify the distinguished name of your peer
>>
>> conn gate-albatros
>> ...
>> rightrsasigkey=%cert
>> right=80.218.20.44
>> rightid="C=..., O=..., CN=..."
>> rightsubnet=192.168.2.0/24
>> ...
>
>
> Lines 237-8 of your README file on the X.509 patch, version 0.9.14 say
> the following:
>
> Since the subject's DN is part of the certificate, the leftid does
> not have to be declared explicitly.
>
> Does this only apply to the "other" side (this is in the configuration
> of the right side), or when left/right=%any?
>
> Thanks!
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Wed Oct 30 2002 - 05:20:34 CET