Project

General

Profile

ipsec.d

strongSwan's /etc/ipsec.d/ directory contains various certificate and CRL files that are loaded by
the keying daemons pluto and charon. The following subdirectories are currently defined:

  • private contains RSA and ECDSA private key files
  • certs contains X.509 or PGP end entity certificates
  • crls contains certificate revocation lists
  • cacerts contains trustworthy CA certificates
  • ocspcerts contains trustworthy OCSP signer certificates
  • aacerts contains trustworthy authorization authority certificates
  • acerts contains attribute certificates
  • reqs contains PKCS#10 certificate requests