diff options
Diffstat (limited to 'conf/options/charon.opt')
| -rw-r--r-- | conf/options/charon.opt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/conf/options/charon.opt b/conf/options/charon.opt index 380ce9305..c8e731665 100644 --- a/conf/options/charon.opt +++ b/conf/options/charon.opt @@ -290,6 +290,14 @@ charon.send_vendor_id = no charon.signature_authentication = yes Whether to enable Signature Authentication as per RFC 7427. +charon.signature_authentication_constraints = yes + Whether to enable constraints against IKEv2 signature schemes. + + If enabled, signature schemes configured in _rightauth_, in addition to + getting used as constraints against signature schemes employed in the + certificate chain, are also used as constraints against the signature scheme + used by peers during IKEv2. + charon.start-scripts {} Section containing a list of scripts (name = path) that are executed when the daemon is started. |