[Openswan Users] IPSEC.SECRETS

Paul Wouters paul at xelerance.com
Mon Aug 1 23:04:30 CEST 2005


On Mon, 1 Aug 2005, Francisc Simon wrote:

> I've generated an certification in the file
> key_server.pem and copy this to /etc/ipsec.d/private,
> after that i edit the file /etc/ipsec.secrets and
> write inside the line : RSA key_server.pem "password"
> and let a free row at the end of the file. But the
> command ipsec verify shows me again:
>
> checking for RSA private key ... FAILED
> ipsec showhostkey: no default key in
> "/etc/ipsec.d/ipsec.secrets"

You can ignore that. It is a buglet in openswan. You have no
raw RSA key in ipsec.secrets, but you do not need one since you
are using an RSA key in a X.509 certificate.

Paul


More information about the Users mailing list