From owner-freebsd-questions  Sun Jul 21  2: 8:51 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 336D437B400; Sun, 21 Jul 2002 02:08:47 -0700 (PDT)
Received: from antalya.lupe-christoph.de (pD9E880C2.dip0.t-ipconnect.de [217.232.128.194])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 3F22643E75; Sun, 21 Jul 2002 02:08:43 -0700 (PDT)
	(envelope-from lupe@lupe-christoph.de)
Received: by antalya.lupe-christoph.de (Postfix, from userid 1000)
	id 1997174C; Sun, 21 Jul 2002 11:08:40 +0200 (CEST)
Date: Sun, 21 Jul 2002 11:08:40 +0200
To: chris scott <chris.scott@uk.tiscali.com>
Cc: admin@gbinetwork.com, freebsd-security@FreeBSD.ORG,
	freebsd-questions@FreeBSD.ORG
Subject: Re: roaming ipsec policies and racoon
Message-ID: <20020721090840.GA461@lupe-christoph.de>
References: <008501c2304c$59fbd800$a4102c0a@viper> <1048.68.49.119.89.1027211092.squirrel@webmail.xinu.com> <00a401c2304e$7762c820$a4102c0a@viper>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <00a401c2304e$7762c820$a4102c0a@viper>
User-Agent: Mutt/1.3.28i
From: lupe@lupe-christoph.de (Lupe Christoph)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Sunday, 2002-07-21 at 01:35:08 +0100, chris scott wrote:
> yes it does I believe. I have not looked into this ye thought, does this
> mean I have to have a proper one from an authority that will cost me and arm
> and a leg?

You can create your own CA. I can send you a few shell scripts
that make the creation of certificates etc. easy, but you will
still have to create your CA.

There was a good German article on this, aimed at FreeS/WAN
at the server. But the OpenSSL stuff still apllies, of course.

  http://www.heise.de/ct/02/05/220/default.shtml

Just copy/paste the openssl calls. Email me if you want
the (trivial) scripts.

HTH,
Lupe Christoph
> ----- Original Message -----
> From: "James Bristle" <admin@gbinetwork.com>
> To: <chris.scott@uk.tiscali.com>
> Sent: Sunday, July 21, 2002 1:24 AM
> Subject: Re: roaming ipsec policies and racoon

> > does windows support certs ?

Strange, this mail hasn't made it to me (yet?).

Yes, Windows 2000 and XP can use Certs. As can third-party IPSec
implementations for Windows.

Lupe Christoph
-- 
| lupe@lupe-christoph.de       |           http://www.lupe-christoph.de/ |
| I have challenged the entire ISO-9000 quality assurance team to a      |
| Bat-Leth contest on the holodeck. They will not concern us again.      |
| http://public.logica.com/~stepneys/joke/klingon.htm                    |

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message