[vpn-help] What does "use subject in received certificate" do?
Christian Brandes
christian.brandes at forschungsgruppe.de
Fri Jul 22 13:08:26 CDT 2011
Shrew Soft VPNClient Ver 2.1.7
Windows XP SP3
When I set ASN.1 DN string in remote identity and "use subject in received certificate but do not compare it with a specific value".
What does this do?
Does it just compare the transmitted ASN.1 DN string from the remote peer with the certificate received by the remote peer?
In other words if the remote peer uses a different certificate then expected and transmitts the corresponding ASN.1 DN string this is not detectet?
Is the ASN.1 DN somehow compared to the hostname or IP-number of the remote peer?
So to be sure that the remote peer uses the right certificate, do I have to deactivate "use subject in received certificate but do not compare it with a specific value" and set the ASN.1 DN as expected?
Best regards
Christian
More information about the vpn-help
mailing list