diff options
Diffstat (limited to 'testing/tests/ikev2/multi-level-ca-cr-init')
| -rw-r--r-- | testing/tests/ikev2/multi-level-ca-cr-init/description.txt | 12 | ||||
| -rwxr-xr-x | testing/tests/ikev2/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf | 4 |
2 files changed, 7 insertions, 9 deletions
diff --git a/testing/tests/ikev2/multi-level-ca-cr-init/description.txt b/testing/tests/ikev2/multi-level-ca-cr-init/description.txt index 0ace25731..602d026c2 100644 --- a/testing/tests/ikev2/multi-level-ca-cr-init/description.txt +++ b/testing/tests/ikev2/multi-level-ca-cr-init/description.txt @@ -1,8 +1,6 @@ -The VPN gateway <b>moon</b> controls the access to the hosts <b>alice</b> and -<b>venus</b> by means of two different Intermediate CAs. Access to -<b>alice</b> is granted to users presenting a certificate issued by the Research CA -whereas <b>venus</b> can only be reached with a certificate issued by the -Sales CA. The hosts <b>carol</b> and <b>dave</b> have certificates from -the Research CA and Sales CA, respectively. Initiator <b>moon</b> does not possess +The VPN gateway <b>moon</b> grants access to the hosts <b>alice</b> and +<b>venus</b> to anyone presenting a certificate belonging to a trust chain anchored +in the strongSwan Root CA. The hosts <b>carol</b> and <b>dave</b> have certificates from +the intermediate Research CA and Sales CA, respectively. Initiator <b>moon</b> does not possess copies of the Research and Sales CA certificates and must therefore request them from -the initiators <b>carol</b> and <b>dave</b>, respectively. +the responders <b>carol</b> and <b>dave</b>, respectively. diff --git a/testing/tests/ikev2/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf index 12f0c95bf..4c84d183b 100755 --- a/testing/tests/ikev2/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf @@ -25,12 +25,12 @@ conn alice leftsubnet=PH_IP_ALICE/32 right=PH_IP_CAROL rightid=carol@strongswan.org - rightca="C=CH, O=Linux strongSwan, OU=Research, CN=Research CA" + rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA" auto=add conn venus leftsubnet=PH_IP_VENUS/32 right=PH_IP_DAVE rightid=dave@strongswan.org - rightca="C=CH, O=Linux strongSwan, OU=Sales, CN=Sales CA" + rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA" auto=add |