Hi Erick, > However, I believe now I am supposed to issue the "load-authority" command to > load that CA certificate.
You don't. These options are only needed if you want to associate a CA with e.g. a CDP that is not contained in the certificates, see [1]. > since I want to load the PEM data over VICI itself.. You pass such a blob in the `cacert` key. The `file` key is to load from an absolute path accessible by the daemon and `handle` (plus `slot` and `module`) may be used to load the certificate from a smartcard or TPM. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf#authorities-section
