Dear Let’s Encrypt Community,
My problem is not related to any of the usual topics on this site, but it does go more in depth into security with certificates than the web has answers for. So I am asking the experts: what OIDs must be included in a certificate for it to pass the IKEv2 check? I tried to set up a certificate-based IPsec tunnel between two ASAs. The certificates come from MS CS and both ASAs trust the root CA. But the IKEv2 process aborts, because the certificates are not supposed to be used for IKEv2. Now I put numerous hours into researching the required OIDs for the certificates, but I haven’t been able to find anything. What I am asking of you now is if you could tell me the OIDs needed for authenticating an IKEv2 IPsec site-to-site tunnel.