# /etc/strongswan.conf - strongSwan configuration file

charon {
  load = random nonce pem pkcs1 pkcs8 x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown

  initiator_only = yes

  plugins {
    openssl {
      fips_mode = 2
    }
  }
}