[Openswan Users] NSS and openswan 2.6.25
Martin Nield
member at mandp.freeserve.co.uk
Sun May 23 16:47:17 EDT 2010
Sirs,
I have read the README.nss text file that comes with openswan 2.6.25 and am unable to make ipsec work. However, my
configuration does work with openswan 2.6.23 using NSS database and RSA keys as described in the README.nss file.
When I attempt to bring up the connection using openswan 2.6.25, I get the following error:
003 "/etc/ipsec.d/ipsec.secrets" line 2: NSS certificate not found
Please advise what I need to alter in my configuration to make it work for openswan 2.6.25. What follows is my
ipsec.conf for your consideration:
ipsec.conf
----
version 2.0
config setup
interfaces = "ipsec0=eth0"
conn %default
keyingtries = 0
leftrsasigkey = %cert
rightrsasigkey = %cert
rekey = no
esp = "aes-sha1"
ike = "aes-sha1"
type = transport
auto = add
conn left-right
left = left.example.com
leftid = "CN=left.example.com"
leftcert = left
leftsourceip = left.example.com
leftnexthop = right.example.com
right = right.example.com
rightid = "CN=right.example.com"
rightcert = right
rightsourceip = right.example.com
rightnexthop = left.example.com
----
ipsec.secrets
----
@left.example.com : RSA left
----
nsspassword
----
NSS Certificate DB:nss_password
----
Many thanks in advance,
Martin
More information about the Users
mailing list