Steps for setting up the IKE daemon for digital signature authentication using the certificate service of an NSS server

You can configure the IKE daemon to use the certificate service of an NSS server and to use RSA signature mode authentication. Details for each step are in the corresponding subtopics.

Procedure

Perform the following steps to set up the IKE daemon for digital signature authentication when the certificate service of an NSS server is being used:

  1. Update the IKE daemon configuration file to define NSS clients.
  2. Install X509 digital certificates for NSS clients on the NSS server's key ring.
  3. Authorize the NSS clients.
  4. Enable HTTP Certificate Lookup (optional)
Parent topic: Step 5: Setting up the IKE daemon for digital signature authentication (optional)