Thanks Noel, Andreas. I got it working with the win7 clients! I always use the pem extension as crt and key combined and I am seeing pem in the docs.
-----Original Message----- From: Andreas Steffen [mailto:[email protected]] Sent: vrijdag 26 januari 2018 16:46 To: [email protected] Subject: Re: [strongSwan] Separate files for crt and key Hi Marc, certificates and keys are always loaded from separate files (with the exemption of PKCS#12 containers). The certificates are loaded via leftcert|rightcert entries in ipsec.conf and keys are loaded via RSA|ECDSA entries in ipsec.secrets. The matching of certs and keys is done automatically by the strongSwan daemon. Regards Andreas On 26.01.2018 15:01, Marc Roos wrote: > Is it possible to specify separate files for the crt and key? > Something like > > leftcert=moonCert.crt > leftkey=moonCert.key ??? > > > > > conn rw-eap > left=192.168.0.1 > leftsubnet=10.1.0.0/16 > [email protected] > leftcert=moonCert.pem > leftauth=pubkey > leftfirewall=yes > rightid=*@strongswan.org > rightauth=eap-md5 > rightsendcert=never > right=%any > auto=add > -- ====================================================================== Andreas Steffen [email protected] strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
