From f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Tue, 29 Jun 2021 11:06:44 +0200
Subject: pki: ipsec: T3642: Migrate IPSec to use PKI configuration

---
 data/templates/ipsec/swanctl.conf.tmpl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'data/templates/ipsec/swanctl.conf.tmpl')

diff --git a/data/templates/ipsec/swanctl.conf.tmpl b/data/templates/ipsec/swanctl.conf.tmpl
index ea6d85743..9e629b176 100644
--- a/data/templates/ipsec/swanctl.conf.tmpl
+++ b/data/templates/ipsec/swanctl.conf.tmpl
@@ -55,9 +55,9 @@ secrets {
     }
 {%            elif peer_conf.authentication.mode == 'x509' %}
     private_{{ peer_conn_name }} {
-        file = {{ peer_conf.authentication.x509.key.file }}
-{%                if "password" in peer_conf.authentication.x509.key and peer_conf.authentication.x509.key.password %}
-        secret = "{{ peer_conf.authentication.x509.key.password}}"
+        file = {{ peer_conf.authentication.x509.certificate }}.pem
+{%                if peer_conf.authentication.x509.passphrase is defined %}
+        secret = "{{ peer_conf.authentication.x509.passphrase }}"
 {%                endif %}
     }
 {%            elif peer_conf.authentication.mode == 'rsa' and not ns.local_key_set %}
-- 
cgit v1.2.3