Hello! We want to limit the usage of certificates by defining certain "Extended Key Usage" (EKU) flags to them.
As an example, we want to set the "IPSec User" usage (1.3.6.1.5.5.7.3.7) and only allow connection via IPSec, if it is set. We may use some other flags out of our own space too. How can I check in StrongSwan, if a certain EKU exists? Regards Sven Anders -- Sven Anders <[email protected]> () UTF-8 Ribbon Campaign /\ Support plain text e-mail ANDURAS intranet security AG Messestrasse 3 - 94036 Passau - Germany Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55 Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. - Benjamin Franklin
