ipsec.d¶
strongSwan's /etc/ipsec.d/ directory contains various certificate and CRL files that are loaded by
the keying daemons pluto and charon. The following subdirectories are currently defined:
- private contains RSA and ECDSA private key files
- certs contains X.509 or PGP end entity certificates
- crls contains certificate revocation lists
- cacerts contains trustworthy CA certificates
- ocspcerts contains trustworthy OCSP signer certificates
- aacerts contains trustworthy authorization authority certificates
- acerts contains attribute certificates
- reqs contains PKCS#10 certificate requests