I will look into changing local.ca to something more appropriate. Originally I wanted to use p12 files with everything in them (CA cert, client cert, client key), but this created messiness on the Windows end. This is why I separated out the CA cert, with the client cert and the client key going into a pfx file.
Regards, Derek. On Mon, Jan 28, 2019 at 1:32 AM Tobias Brunner <[email protected]> wrote: > > Hi Derek, > > > (1) An IKEv2 profile importer for Windows 10, modeled on the > > strongSwan profile importer for Android: > > https://github.com/dcamero2016/vpn-importer > > Nice idea. local.ca is wrong, though, it's the CA certificate to verify > the remote's certificate, it hasn't necessarily anything to do with the > client's authentication or certificate (i.e. should be remote.ca, or > remote.cert to keep it compatible with our format). And why change > local.p12 to local.pfx? (It's still a PKCS#12 container, no?) > > Regards, > Tobias
