Version 7 - History - ipsec.conf: ca Reference - strongSwan

ipsec.conf: ca Reference » History » Version 7

Tobias Brunner, 05.05.2009 16:47
trac conversion errors fixed

-Tobias Brunner
+h1. ca <name>
 Tobias Brunner
 Martin Willi
-Tobias Brunner
+_also = <section name>_
-Tobias Brunner
+p((. includes ca section <name>.
 Martin Willi
-Tobias Brunner
+_auto = *ignore* | add_
 Martin Willi
-Tobias Brunner
+_cacert = <path>_
-Tobias Brunner
+p((. defines a path to the CA certificate either relative to _/etc/ipsec.d/cacerts_ or as an absolute path.
 Martin Willi
-Tobias Brunner
+_crluri = <uri>_
-Tobias Brunner
+p((. defines a CRL distribution point (ldap, http, or file URI).
 Martin Willi
-Tobias Brunner
+_crluri1 = <uri>_
-Tobias Brunner
+p((. synonym for _crluri_.
 Martin Willi
-Tobias Brunner
+_crluri2 = <uri>_
-Tobias Brunner
+p((. defines an alternative CRL distribution point (ldap, http, or file URI).
 Martin Willi
-Tobias Brunner
+_ldaphost = <hostname>_
-Tobias Brunner
+p((. defines an ldap host. Currently used by IKEv1 only.
 Martin Willi
-Tobias Brunner
+_ocspuri = <uri>_
-Tobias Brunner
+p((. defines an OCSP URI.
 Martin Willi
-Tobias Brunner
+_ocspuri1 = <uri>_
-Tobias Brunner
+p((. synonym for _ocspuri_.
 Martin Willi
-Tobias Brunner
+_ocspuri2 = <uri>_
-Tobias Brunner
+p((. defines an alternative OCSP URI. Currently used by IKEv2 only.
 Tobias Brunner
-Tobias Brunner
+_certuribase = <uri>_
-Tobias Brunner
+p((. defines the base URI for the [[HashAndUrl|Hash and URL]] feature supported by IKEv2.
-Tobias Brunner
+     Instead of exchanging complete certificates, IKEv2 allows to send an URI
-Tobias Brunner
+     that resolves to the DER encoded certificate. The certificate URIs are built
-Martin Willi
+     by appending the SHA1 hash of the DER encoded certificates to this base URI.

Project

General

Profile

strongSwan

ipsec.conf: ca Reference » History » Version 7