From: Marcus Leech <mleech@no...> - 2005-03-22 19:17:48
If the client configuration *doesn't* specify a certificate_type, then
the cert-request sets
the cert-type to '0', rather than '4'.
For a roadwarrior doing xauth authentication, the client side *doesn't*
have a certificate,
although they *do* specify a ca certificate using 'ca_type'. I was
previously able to
get around this bug by specifying a dummy certificate_type, pointing
at the CA certificate
in both the public-key and private-key fields. But the HEAD version
of the code seems
to insist on there being a private-key there, even though you'll never
use it, so my little
workaround no longer works.
It seems to me that the certificate-request type should be inherited
from the "ca_type" configuration
if the configuration file doesn't specify a "certificate_type" field.