[Openswan Users] system could not open host cert with nick name, what is that about?
avagarwa at redhat.com
Thu Apr 29 12:06:28 EDT 2010
On 04/29/2010 03:13 AM, Bob Balsover wrote:
> Does anyone know what this error is about? I have Googled for it and found
> nothing. I tried including the complete path to the cert, I have tried
> specifying both the cert from the cert directory and the key from the
> private directory, no difference. I am not passing it a nick name, I am
> specifying the file name so I don't know what the nickname comment is about,
> but none of the documentation that that I have read said anything about
> nicknames in the NSS DB whatever that is.
> Does anyone know where the documentation is on this NSS DB as it pertains to
> the openswan ipsec.secrets file is located?
> Apr 28 23:37:23 gateway pluto: loading secrets from
> Apr 28 23:37:23 gateway pluto: could not open host cert with nick
> name '/etc/ipsec.d/private/my.key' in NSS DB
> Apr 28 23:37:23 gateway pluto: "/etc/ipsec.secrets" line 3: NSS
> certficate not found
> : RSA /etc/ipsec.d/private/my.key "passphrase was here"
> #include /etc/ipsec.d/*.secrets
You need to create/import your certificate in the NSS database. There is
a README.nss in the openswan package that gives details how to do it,
and how to use certificates with NSS.
> Users at openswan.org
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users