diff options
| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2006-08-31 19:06:54 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2006-08-31 19:06:54 +0000 |
| commit | 56034777cfd5f49ccac362602cb48cc3d8cef36c (patch) | |
| tree | 4f2ceec8048c003f40d36125e168a2fef0679529 /sbin/isakmpd/isakmpd.8 | |
| parent | 88d0f9edf4b2edcee4bafddc724ce039c1e9f857 (diff) | |
document an issue with subjectAltName found by reyk;
ok hshoexer ho reyk
Diffstat (limited to 'sbin/isakmpd/isakmpd.8')
| -rw-r--r-- | sbin/isakmpd/isakmpd.8 | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8 index 40a867ccad8..ec348b9cf8e 100644 --- a/sbin/isakmpd/isakmpd.8 +++ b/sbin/isakmpd/isakmpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.8,v 1.90 2006/08/31 17:07:23 jmc Exp $ +.\" $OpenBSD: isakmpd.8,v 1.91 2006/08/31 19:06:53 jmc Exp $ .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $ .\" .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. @@ -647,6 +647,17 @@ For a FQDN certificate, do: -extensions x509v3_FQDN -out somehost.somedomain.crt .Ed .Pp +If CERTFQDN is being used, +make sure that the +.Va subjectAltName +field of the certificate is specified using +.Ic srcid +in +.Xr ipsec.conf 5 . +A similar setup will be required if +.Xr isakmpd.conf 5 +is being used instead. +.Pp Put the certificate (the file ending in .crt) in .Pa /etc/isakmpd/certs/ on your local system. |