testing: Don't load certificates explicitly and delete CA certificates in PKCS#12...
authorTobias Brunner <tobias@strongswan.org>
Mon, 15 Jul 2013 09:19:27 +0000 (11:19 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 15 Jul 2013 09:27:07 +0000 (11:27 +0200)
Certificates are now properly extracted from PKCS#12 files.

testing/tests/ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-pkcs12/pretest.dat
testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf
testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf
testing/tests/openssl-ikev2/net2net-pkcs12/pretest.dat

index 2d31a19..0296e18 100644 (file)
@@ -12,7 +12,6 @@ conn %default
 
 conn net-net 
        left=PH_IP_MOON
-       leftcert=moonCert.pem
        leftid=@moon.strongswan.org
        leftsubnet=10.1.0.0/16
        leftfirewall=yes
index 06bfa03..6dcedd0 100644 (file)
@@ -12,7 +12,6 @@ conn %default
 
 conn net-net 
        left=PH_IP_SUN
-       leftcert=sunCert.pem
        leftid=@sun.strongswan.org
        leftsubnet=10.2.0.0/16
        leftfirewall=yes
index 4a6f0db..3492238 100644 (file)
@@ -1,4 +1,7 @@
 moon::rm /etc/ipsec.d/private/moonKey.pem
+moon::rm /etc/ipsec.d/cacerts/strongswanCert.pem
+sun::rm /etc/ipsec.d/private/sunKey.pem
+sun::rm /etc/ipsec.d/cacerts/strongswanCert.pem
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
 moon::ipsec start
index 2d31a19..0296e18 100644 (file)
@@ -12,7 +12,6 @@ conn %default
 
 conn net-net 
        left=PH_IP_MOON
-       leftcert=moonCert.pem
        leftid=@moon.strongswan.org
        leftsubnet=10.1.0.0/16
        leftfirewall=yes
index 06bfa03..6dcedd0 100644 (file)
@@ -12,7 +12,6 @@ conn %default
 
 conn net-net 
        left=PH_IP_SUN
-       leftcert=sunCert.pem
        leftid=@sun.strongswan.org
        leftsubnet=10.2.0.0/16
        leftfirewall=yes
index 4a6f0db..3492238 100644 (file)
@@ -1,4 +1,7 @@
 moon::rm /etc/ipsec.d/private/moonKey.pem
+moon::rm /etc/ipsec.d/cacerts/strongswanCert.pem
+sun::rm /etc/ipsec.d/private/sunKey.pem
+sun::rm /etc/ipsec.d/cacerts/strongswanCert.pem
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
 moon::ipsec start