[Openswan Users] Openswan doesn't starts because pluto is down
Tuomo Soini
tis at foobar.fi
Mon Jan 4 14:39:22 EST 2010
Jorge Jimenez wrote:
> Hi Ondrej,
>
> "certuil -H" isn't a valid option to certutil in my machine.
> I try:
>
> [root at pross-mon01 ~]# certutil -K
certutil -K -d /etc/ipsec.d
> [root at pross-mon01 ~]# certutil -L
certutil -L -d /etc/ipsec.d
> /var/log/secure contains 3 lines when I try to start ipsec:
>
> Jan 4 19:50:30 pross-mon01 ipsec__plutorun: Starting Pluto subsystem...
> Jan 4 19:50:30 pross-mon01 pluto[3035]: nss directory plutomain: sql:/etc/ipsec.d
I just fixed this in git. NSS support had hardcoded requirement for
latest NSPR/NSS than el5 has. Fix was to remove hardcoded sql: from nss
directory path.
> Jan 4 19:50:30 pross-mon01 pluto[3035]: NSS initialization failed (err -8174)
Try attached patch, it should fix your problem.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openswan.git-b451d26f471a5348fa8e2d16d74dace588825ae4.patch
Type: text/x-patch
Size: 907 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20100104/d42213b0/attachment.bin
More information about the Users
mailing list