Added a left/rightcertpolicy keyword to specify certificatePolicy requirements

author: Martin Willi <martin@revosec.ch> 2011-01-07 15:14:41 +0100
committer: Martin Willi <martin@revosec.ch> 2011-01-07 15:51:35 +0100
commit: 6367de28ad9b21cc8f145c7154cb29f5acca366a (patch)
tree: af534c2db6f1a17143b154c98e803478e26eeb57 /man/ipsec.conf.5.in
parent: 1ed482d808dfa188e091363a6701e1947566396a (diff)
download: strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.bz2
strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in
index 0de9a2c92..a75b5566e 100644
--- a/man/ipsec.conf.5.in
+++ b/man/ipsec.conf.5.in
@@ -598,6 +598,10 @@ Same as
 .B leftcert,
 but for the second authentication round (IKEv2 only).
 .TP
+.BR leftcertpolicy " = <OIDs>"
+Comma separated list of certificate policy OIDs the peers certificate must have.
+OIDs are specified using the numerical dotted representation (IKEv2 only).
+.TP
 .BR leftfirewall " = yes | " no
 whether the left participant is doing forwarding-firewalling
 (including masquerading) using iptables for traffic from \fIleftsubnet\fR,
author	Martin Willi <martin@revosec.ch>	2011-01-07 15:14:41 +0100
committer	Martin Willi <martin@revosec.ch>	2011-01-07 15:51:35 +0100
commit	6367de28ad9b21cc8f145c7154cb29f5acca366a (patch)
tree	af534c2db6f1a17143b154c98e803478e26eeb57 /man/ipsec.conf.5.in
parent	1ed482d808dfa188e091363a6701e1947566396a (diff)
download	strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.bz2 strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.xz