On Tuesday, 2002-04-09 at 00:03:20 -0400, Noah L. Meyerhans wrote:
> On Fri, Apr 05, 2002 at 12:13:41PM +0200, Victor Vuillard wrote:
> > the "fswcert" tool, which is used to extract private key from
> > certificate was before in freeswan package. I was not able to find it in
> > 1.95 version of freeswan. Anyone knows why it has been removed ???
>
> Because it's no longer needed. The Debian freeswan packages can use
> certs directly. Some stuff in /usr/share/doc/freeswan will help you
> figure out how to use them.
>
Here is an example:
conn %default
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
left=%defaultroute
leftsubnet=192.168.2.0/24
leftid="C=DE, ST=Bavaria, O=Octogon Gesellschaft fuer
Computer-Dienstleistungen mbH, OU=Lupe's Home Office,
[EMAIL PROTECTED]"
The ID is in the certificate. Extract it like:
openssl x509 -in certificate.pem -noout -text | sed -n -e 's/.*Subject: //p'
Mail me directly if you need help setting this up.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://free.prohosting.com/~lupe |
| I have challenged the entire ISO-9000 quality assurance team to a |
| Bat-Leth contest on the holodeck. They will not concern us again. |
| http://public.logica.com/~stepneys/joke/klingon.htm |
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
