I was able to inspect the strongswanCert.pem like so:
ipsec pki --keyid --type x509 --in strongswanCert.pem
subjectKeyIdentifier:
5d:a7:dd:70:06:51:32:7e:e7:b6:6d:b3:b5:e5:e0:60:ea:2e:4d:ef
subjectPublicKeyInfo hash:
ae:09:6b:87:b4:48:86:d3:b8:20:97:86:23:da:bd:0e:ae:22:eb:bc
In tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql, the second
INSERT statement is:
INSERT INTO identities (
type, data
) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
);
which is the subjectKeyIdentifier.
However, in tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql, the
second INSERT statement is:
INSERT INTO identities (
type, data
) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
);
which is the subjectPublicKeyInfo hash.
Why does one SQL file use one value, while the other uses the other?
If I were writing my own SQL statements, how would I know which one I
should insert?
--
Jason Tang / [email protected] / http://www.jtang.org
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
