ipsec.d¶

strongSwan's /etc/ipsec.d/ directory contains various certificate and CRL files that are loaded by
the keying daemons pluto and charon. The following subdirectories are currently defined:

• private contains RSA and ECDSA private key files
• certs contains X.509 or PGP end entity certificates
• crls contains certificate revocation lists
• cacerts contains trustworthy CA certificates
• ocspcerts contains trustworthy OCSP signer certificates
• aacerts contains trustworthy authorization authority certificates
• acerts contains attribute certificates
• reqs contains PKCS#10 certificate requests