12 lines
663 B
Plaintext
12 lines
663 B
Plaintext
Both the roadwarrior <b>carol</b> and the gateway <b>moon</b> generate a
|
|
PKCS#1 RSA private key and a PKCS#10 certificate request using the
|
|
<b>ipsec scepclient</b> function. Because the UML testing environment
|
|
does not offer enough entropy, the non-blocking /dev/urandom device is
|
|
used in place of /dev/random for generating the random primes.
|
|
<p>
|
|
The certificate requests are copied to <b>winnetou</b> where a certification
|
|
authority based on OpenSSL issues X.509 certificates by verifying and
|
|
signing the PCKS#10 requests. The certificates are then copied back to
|
|
the corresponding hosts and used to set up a road warrior connection
|
|
initiated by <b>carol</b>
|