swanctl Directory

The swanctl configuration directory, usually /etc/swanctl, contains swanctl.conf and a predefined
set of sub-directories that provide file based credentials, such as private keys and certificates, which are
read by the swanctl --load-creds command.

Each sub-directory is used for a specific kind of credential:

Directory Contents
x509 Trusted X.509 end entity certificates
x509ca Trusted X.509 Certificate Authority certificates
x509aa Trusted X.509 Attribute Authority certificates
x509crl Certificate Revocation Lists
x509ac Attribute Certificates
rsa PKCS#1 encoded RSA private keys
ecdsa Plain ECDSA private keys
pkcs8 PKCS#8 encoded private keys of any type
pkcs12 PKCS#12 containers
private Private keys in any format
pubkey Raw public keys

All files may be either DER or PEM encoded.