services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.ca_id
Identity in CA certificate to accept for authentication. The specified
identity must be contained in one (intermediate) CA of the remote peer
trustchain, either as subject or as subjectAltName. This has the same
effect as specifying cacerts to force clients under
a CA to specific connections; it does not require the CA certificate
to be available locally, and can be received from the peer during the
IKE exchange.
- Type
null or string- Default
null- Declared
- <nixpkgs/nixos/modules/services/networking/strongswan-swanctl/module.nix>