> I don't really get how I'm supposed to use leftid, am I supposed to find a > string-ASN.1 converter ?
No, you define a string representation of your identity. strongSwan detects the identity type, and tries to convert it to the appropriate binary encoding (ASN.1 in the case of a DN). While you can specify the raw binary encoding in leftid using the asn1dn: or other prefixes, this is usually not required. Refer to the ipsec.conf manpage for details about the leftid option. If your certificate encodes the RDN as UTF8String, and your accent characters are encoded properly in UTF-8, it should be possible to create a matching subject using leftid if your ipsec.conf is UTF-8 encoded. > Is there an other way to specify the certification we want to use that > using leftid ? As previously discussed, you can use leftcert to directly select a plain X.509 certificate from a certificate file or smartcard slot. But that won't work for PKCS#12. To alternatively select the certificate by leftid, specify an identity contained in the certificate with one of the options from above. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
