Re: fswcert
On Tue, Apr 09, 2002 at 08:01:14AM +0200, Lupe Christoph wrote:
> Here is an example:
>
> conn %default
> authby=rsasig
> leftrsasigkey=%cert
> rightrsasigkey=%cert
> left=%defaultroute
> leftsubnet=192.168.2.0/24
> leftid="C=DE, ST=Bavaria, O=Octogon Gesellschaft fuer Computer-Dienstleistungen mbH, OU=Lupe's Home Office, CN=antalya.lupe-christoph.de/Email=lupe@lupe-christoph.de"
>
> The ID is in the certificate. Extract it like:
> openssl x509 -in certificate.pem -noout -text | sed -n -e 's/.*Subject: //p'
You can save yourself this step: use a leftcert pointing to your
certificate, and you don't need the leftid. Reduces redundancy, and
avoids having that huge long line in your config file!
Andrew
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- Follow-Ups:
- Re: fswcert
- From: lupe@lupe-christoph.de (Lupe Christoph)
- References:
- fswcert
- From: Victor Vuillard <victor.vuillard@securitykeepers.com>
- Re: fswcert
- From: "Noah L. Meyerhans" <frodo@morgul.net>
- Re: fswcert
- From: lupe@lupe-christoph.de (Lupe Christoph)