Hi,
I managed to get IPSec properly configured on my x86 device. Currently, it
uses pre-shared key authentication with a string key "testkey". These are the
settings (in my policy file):
policy=testpolicy
inaction=2
outaction=3
auth=1
info=testkey
mmhash=2
mmenc=1
qmhash=2
qmenc=1
dh=2
protocol=6
srcip=myip
With the same configurations on my dev PC, i'm able to send and receive TCP
packets to and from the device with everything being encrypted.
I'm now trying to use Certification authentication (auth now needs to be 2)
but am unsure as to how to specify a certificate. From the IPSec doc
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcecomm5/html/wce50conipsecsamples.asp)
it gives an example. It uses a certificate by assigning info= CN=Sample Root
CA;
Since "Sample Root CA" is not installed on my device, i looked for a mutual
certificate which was installed on my device and my dev PC. I found "Class 3
Public Primary Certification Authority". I just don't know how to specify
this in the policy file. I've tried so many different combinations of "info"
values, some are listed below with none of them working:
1. info= CN=Class 3 Public Primary Certification Authority;
2. info= CN=VeriSign Class 3 Public Primary Certification Authority;
3. info= C=US, O="VeriSign, Inc.", OU=Class 3 Public Primary Certification
Authority;
Can anyone offer any advice? Thanks.
Michael--J.