On Wed, 31 Jan 2024, Marc wrote:
Subject: [Swan] win10 (/ win11?) client user certs instead of machine
Is there a way to setup libreswan[1] in such a way it matches more windows
defaults.
Currently I have to distribute some powershell scripts that set "Use machine
certificates" (standard.png). However it would be nicer if this eap could be enabled
and use the user? certificates (eap.png)
Yes. EAP-TLS is supported. Test cases that show configuration:
https://github.com/libreswan/libreswan/blob/main/testing/pluto/interop-ikev2-eaptls-strongswan-client/east.conf
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
