On Mon, Jan 28, 2019 at 2:29 AM Tobias Brunner wrote:
> Does Windows require the complete chain for the client
> certificate?
If you deliberately delete the CA certificate of the client
certificate on Windows, then when you try to connect, you will get an
error message in red, "Invalid
Hi Derek,
> Originally I wanted to use p12 files with everything in them (CA cert,
> client cert, client key), but this created messiness on the Windows
> end.
As mentioned in the previous mail, the CA certificate that issued the
client and server certificates don't have to be the same (often
Hi Derek,
> (1) An IKEv2 profile importer for Windows 10, modeled on the
> strongSwan profile importer for Android:
> https://github.com/dcamero2016/vpn-importer
Nice idea. local.ca is wrong, though, it's the CA certificate to verify
the remote's certificate, it hasn't necessarily anything to