Discussion:
[strongSwan] strongSwan plugins - openssl and x509
divya mohan
2018-07-11 09:08:31 UTC
Permalink
Hello,

I found the below documentation at
https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist

openssl - Crypto backend based on OpenSSL, provides
RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG

x509 - Advanced X.509 plugin for parsing/generating X.509
certificates/CRLs and OCSP messages

One question here --

Is usage of x509 certificates supported by both the above plugins?
So, if I am enabling openssl plugin, can x509 plugin be disabled?
My use case requires using x509 certificates, without CRL or OCSP support.

- Divya
Andreas Steffen
2018-07-11 09:18:36 UTC
Permalink
Hi Divya,

yes, if you don't need OCSP support then you can disable the
x509 plugin in the presence of the openssl plugin.

Regards

Andreas
Post by divya mohan
Hello,
I found the below documentation at
https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist
openssl - Crypto backend based on OpenSSL, provides
RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG
x509 - Advanced X.509 plugin for parsing/generating X.509
certificates/CRLs and OCSP messages
One question here --
Is usage of x509 certificates supported by both the above plugins?
So, if I am enabling openssl plugin, can x509 plugin be disabled?
My use case requires using x509 certificates, without CRL or OCSP support.
- Divya
--
======================================================================
Andreas Steffen ***@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==
Loading...