[Openswan Users] CKAIDNSS keyword not found where expected in RSA key in /var/log/secure
GregScott at InfraSupportEtc.com
Tue Jul 7 19:43:05 EDT 2009
What does "CKAIDNSS keyword not found where expected in RSA key" mean?
I have an aging system running Linux Openswan U2.4.5/K2.6.18-1.2798.fc6
(netkey). I am replacing it with a new system running Linux Openswan
U2.6.21/K(no kernel code presently loaded). The replacement system
will also run netkey, I just have Openswan shut down on it right now.
So I copied the hostkey.secrets file and appropriate .conf files from
the old to the new system. When I start IPSEC on the new system, I see
this message in /var/log/secure:
Jul 7 17:59:02 huge-fw pluto: "/etc/ipsec.d/hostkey.secrets" line
14: CKAIDNSS keyword not found where expected in RSA key
What does this mean? I am replacing the HQ site and there are a couple
of branch sites in this case. Did the format of the keys change and do
I need to generate a new key at the HQ site and fiddle with scripts at
all my branch sites to use the new key at the HQ site?
- Greg Scott
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users