If you feel the pam TLS calls needs more than server side cert verification, you should look into client authentication, eg mTLS. Don’t invent your own crypto.
Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
