So I've added my cert and key to NSS using pkcs12tool.<div><br></div><div>I created a client cert and signed it using the same ca.</div><div><br></div><div>I'm using shrewsoft's client to connect, and when it does it gives this:</div>
<div><br></div><div><div>config loaded for site '173.255.240.28'</div><div>configuring client settings ...</div><div>attached to key daemon ...</div><div>peer configured</div><div>iskamp proposal configured</div>
<div>
esp proposal configured</div><div>client configured</div><div><b>server cert config failed</b></div><div>detached from key daemon ...</div><div><br></div>I'm watching /var/log/messages on the server side and I don't see any errors at all. It loads my cert from the nss db just fine (it used to throw an error until I added it) and doesn't make another entry, even when the <br>
<br></div><div>I saw a number of references saying "read the README.nss file that comes w/ openswan" so I downloaded the latest - no such file!?!</div><div><br></div><div>Where do I need to start looking to debug this cert error?</div>
<div><br>Thanks and God Bless,<br><br>Richard W. Pickett, Jr.<br><a href="http://www.MyHaitianAdoption.org">www.MyHaitianAdoption.org</a><br><br>P.S. Have you downloaded the journal from my trip to Haiti:<br><br><a href="http://www.myhaitianadoption.org/trips/journal-earthquake-rescue-jan-23-feb-2/">http://www.myhaitianadoption.org/trips/journal-earthquake-rescue-jan-23-feb-2/</a><br>
<br>
</div>