I can confirm the ability to read TPM NVRAM keys and certificates successfully using the pki tool.
I am also able to confirm successfully being able to complete an ipsec connection from my client machine via those same TPM-based credentials to my ipsec server.
On my Focal ipsec client machine, I added the following PPA:
deb http:// archive. ubuntu. com/ubuntu/ focal-proposed restricted main multiverse universe
I installed various strongswan packages:
charon- systemd/ focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed] extra-plugins/ focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed] standard- plugins/ focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed] focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed, automatic] libcharon/ focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed, automatic] pki/focal- proposed, now 5.8.2-1ubuntu3.2 amd64 [installed] swanctl/ focal-proposed, now 5.8.2-1ubuntu3.2 amd64 [installed, automatic]
libstrongswan-
libstrongswan-
libstrongswan/
strongswan-
strongswan-
strongswan-
I can confirm the ability to read TPM NVRAM keys and certificates successfully using the pki tool.
I am also able to confirm successfully being able to complete an ipsec connection from my client machine via those same TPM-based credentials to my ipsec server.