Hi Emeric, > I want to request the remote peer to send its certificate: do I just > have to set rightsendcert to yes?
Basically yes. Setting rightsendcert=yes sends a certificate request for trusted CA certificates to give the peer a hint what certificate to send. Of course that can't guarantee that the peer actually sends a cert, but for example would if the (strongSwan) peer uses leftsendcert=ifasked. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
