# /etc/strongswan.conf - strongSwan configuration file charon { load = aes md5 sha1 sha2 hmac gmp pem pkcs1 random nonce x509 curl revocation stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown sqlite multiple_authentication = no plugins { eap-ttls { phase2_method = md5 phase2_piggyback = yes phase2_tnc = yes } } } libimcv { database = sqlite:///etc/db.d/config.db policy_script = ipsec imv_policy_manager plugins { imv-attestation { hash_algorithm = sha1 dh_group = modp2048 mandatory_dh_groups = no } } } attest { load = random nonce openssl sqlite database = sqlite:///etc/db.d/config.db }