diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-10-31 14:20:28 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-11-08 16:48:10 +0100 |
| commit | fde0c763b6c1066d206dad3d09920e8e900f6f18 (patch) | |
| tree | 004082e4053fa6e0bfebe0f098f43a85a5c9f7c0 /man | |
| parent | 27a79326c750b6f2548d1993298746f10a1b1b2b (diff) | |
| download | strongswan-fde0c763b6c1066d206dad3d09920e8e900f6f18.tar.bz2 strongswan-fde0c763b6c1066d206dad3d09920e8e900f6f18.tar.xz | |
auth-cfg: Add RSA/PSS schemes for pubkey and rsa if enabled in strongswan.conf
Also document the rsa/pss prefix.
Diffstat (limited to 'man')
| -rw-r--r-- | man/ipsec.conf.5.in | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index 85340f2da..774df75ac 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -631,6 +631,12 @@ constraint (without ike: prefix) will also apply to IKEv2 authentication, unless this is disabled in .BR strongswan.conf (5). +To use or require RSASSA-PSS signatures use rsa/pss instead of rsa as in e.g. +.BR ike:rsa/pss-sha256 . +If \fBpubkey\fR or \fBrsa\fR constraints are configured RSASSA-PSS signatures +will only be used/accepted if enabled in +.BR strongswan.conf (5). + For .BR eap , an optional EAP method can be appended. Currently defined methods are |