HIPL Certificate Exchange Problems
Hi, I'm trying to configure the HIPL to support certificate exchange, but I'm not very clear with the chapter 9 of HIPL user manual. As it says when using 3 host to construct a HIPL certificate exchange environment, "host B is situated on the forwarding path between A and C.". Could you explain this for me? Is that means all traffic between host A and C must through B, and B is working like a router?
Besides, is it possible to implement this function just using two host A and C, and moving the hipfw function to initiator A. Following is my configuration, but it does not work. Could you help me resolve this problem, thank you in advance.
Host A: the initiatior and the CA, it generates the ca-root-cert.pem and places on its /etc/hip directory. Host A also configures its hipfw.conf by adding a rule "INPUT -cert /etc/hip/
Host C: the responder. Host A generates host-cert.der for host C and copies it to host C's /etc/hip directory.
After that, host A pings host C, but if we start the hipfw in host A, no packet can be transmitted, we don't know which is the problem, and how could we implement the HIPL certificate exchange function. Thank you very much.