When using certificates for IPsec tunnel negotiation with openswan, the peer's ID needs to be the DN string from the certificate that the peer is offering. I'm trying to use rightid=%fromcert to load the ID from the certificate that the peer sent, but it does not seem to work.
- Red Hat Enterprise Linux 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.