summaryrefslogtreecommitdiff
path: root/testing/tests/ikev2/multi-level-ca-strict/description.txt
blob: 6467d5222d1c623af82e8dcb512a7a00b1ea3cb5 (plain)
1
2
3
4
5
6
7
By setting <b>strictcrlpolicy=yes</b>, a <b>strict CRL policy</b> is enforced
on all peers.
The VPN gateway <b>moon</b> grants access to the hosts <b>alice</b> and
<b>venus</b> to anyone presenting a certificate belonging to a trust
chain anchored in the strongSwan Root CA. Therefore both road warriors
<b>carol</b> and <b>dave</b>, holding certificates from the Research CA
and Sales CA, respectively, can reach both <b>alice</b> and <b>venus</b>.