Openswan's rightid=%fromcert option does not load the correct certificate
Issue
When using certificates for IPsec tunnel negotiation with openswan, the peer's ID needs to be the DN string from the certificate that the peer is offering. I'm trying to use rightid=%fromcert to load the ID from the certificate that the peer sent, but it does not seem to work.
Environment
- Red Hat Enterprise Linux 6
- openswan-2.6.32-19.el6_3
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.