Hi Mugur, > SEG cert chain : "RootX/sub-CAy/SEG" (same hierarchy, different end > entities) > SEG sends only the "SEG" certificate in CERT payload (instead of > sub-CAy/SEG") > > Does authentication work?
As long as you have the correct sub-CAy installed on your client, it should be no problem to validate the trustchain. strongSwan uses all certificates it has available, not only those received in the CERT payloads of the current exchange. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
