The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
strongswan_pki pki is a suite of commands that allow you to manage a simple public key infrastructure (PKI). Generate RSA and ECDSA key pairs, create PKCS#10 certificate... strongswan_pki---acert This sub-command of pki(1) is used to issue an attribute certificate using an issuer certificate with its private key and the holder certificate. strongswan_pki---dn This sub-command of pki(1) extracts the ASN.1-encoded subject DistinguishedName (DN) of an X.509 certificate and exports it in different formats. This may be... strongswan.conf While the ipsec.conf(5) configuration file is well suited to define IPsec related configuration parameters, it is not useful for other strongSwan applications... strongswan_ipsec.conf The optional ipsec.conf file specifies most configuration and control information for the strongSwan IPsec subsystem. The major exception is secrets for... strongswan_ipsec.secrets The file ipsec.secrets holds a table of secrets. These secrets are used by the strongSwan Internet Key Exchange (IKE) daemons pluto (IKEv1) and charon (IKEv2)... strongswan_swanctl.conf swanctl.conf is the configuration file used by the swanctl(8) tool to load configurations and credentials into the strongSwan IKE daemon. For a description of... strongswan The ipsec utility invokes any of several utilities involved in controlling and monitoring the IPsec encryption/authentication system, running the specified... strongswan_charon-cmd charon-cmd is a program for setting up IPsec VPN connections using the Internet Key Exchange protocol (IKE) in version 1 and 2. It supports a number of... strongswan_scepclient scepclient is a client implementation of Cisco System's Simple Certificate Enrollment Protocol (SCEP) written for Linux strongSwan <http://www.strongswan.org>... strongswan_swanctl swanctl is a cross-platform command line utility to configure, control and monitor the strongSwan IKE daemon. It is a replacement for the aging starter, ipsec...