You use rightid= and match using x509 wildcards. Eg place those you want to connect in the same Organizarional Unit OU=foo and match the variable part with *, eg CN=*
Sent using a virtual keyboard on a phone > On Jan 14, 2024, at 08:30, Marc <[email protected]> wrote: > > > Currently I am using > rightca="Example CA" > > I would expand this with only a list of certificates that is allowed to > connect. How/where/what is best to do this? Can this list be documented in > the secrets file? > > > _______________________________________________ > Swan mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
