Hi Mihaly,
> So I guess need to put altName in the cert if I want to use same cert
> for multiple peers configs.
You'd have to do that anyway as the client wouldn't accept the
certificate otherwise.
Regards,
Tobias
___
Users mailing list
Hello Tobias,
you were right, the issue is:
"id 'part...@informatik.hu' not confirmed by certificate, defaulting to
'C=HU, O=Informatik.hu, CN=informatik.hu'"
So I guess need to put altName in the cert if I want to use same cert
for multiple peers configs.
Üdvözlettel:
Vukovics Mihály
Hi Mihaly,
> Does it assigned and missing from the log, or this is not implemented yet?
If valid DNS servers are received (check for corresponding configuration
attributes in the IKE_AUTH message) they are added to the
VpnService.Builder instance used to create the TUN device. There is
just no
Hello Tobias,
will do that. Let me have another question about the Android client: I
cannot see in the client log, that the DNS server (provided by rightdns,
or in strongswan.conf) assigned to client, like on other linux boxes
with the same peer config.
Does it assigned and missing from the
Hi Mihaly,
> But anyway I setp up left/rightid on the server side, I always get "no
> matching peer config found".
>
> How is Android "Server identity" matched on server side?
Exactly as you'd suspect I guess, it's matched against the local
identity on the server (presumably leftid). Check
Hello,
I am trying to confgiure different conn sections for Android StrongSwan
clients, with different rightsubnets. As the subnets cannot be
confgiured in the Android client, I am trying to use different peer
configs(conn), using the Server identity in andvanced options.
But anyway I setp
