sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity
strongswan/testing/tests/ikev2-multi-ca/ocsp-signers/hosts/moon/etc/swanctl/swanctl.conf
Tobias Brunner 801c6c32e5 testing: Use a single OCSP responder for ikev2-multi-ca/ocsp-signers scenario 
This demonstrates the multi-CA capabilities of the pki --ocsp command.
2023-11-13 12:50:47 +01:00

67 lines
1.2 KiB
Plaintext
Executable File
Raw Blame History

connections {
research {
local_addrs = 192.168.0.1
local {
auth = pubkey
certs = moonCert.pem
id = moon.strongswan.org
}
remote {
auth = pubkey
cacerts = researchCert.pem
revocation = ifuri
}
children {
alice {
local_ts = 10.1.0.10/32
esp_proposals = aes128-sha256-ecp256
}
}
version = 2
proposals = aes128-sha256-ecp256
}
sales {
local_addrs = 192.168.0.1
local {
auth = pubkey
certs = moonCert.pem
id = moon.strongswan.org
}
remote {
auth = pubkey
cacerts = salesCert.pem
revocation = ifuri
}
children {
venus {
local_ts = 10.1.0.20/32
esp_proposals = aes128-sha256-ecp256
}
}
version = 2
proposals = aes128-sha256-ecp256
}
}
authorities {
strongswan {
cacert = strongswanCert.pem
ocsp_uris = http://ocsp.strongswan.org:8880
}
research {
cacert = researchCert.pem
ocsp_uris = http://ocsp.strongswan.org:8880
}
sales {
cacert = salesCert.pem
ocsp_uris = http://ocsp.strongswan.org:8880
}
}
Reference in New Issue View Git Blame Copy Permalink