[Openswan Users] getting openswan to work with certs

Richard Pickett richard.pickett at csrtechnologies.com
Sun Jun 12 00:31:23 EDT 2011

So I've added my cert and key to NSS using pkcs12tool.

I created a client cert and signed it using the same ca.

I'm using shrewsoft's client to connect, and when it does it gives this:

config loaded for site ''
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
*server cert config failed*
detached from key daemon ...

I'm watching /var/log/messages on the server side and I don't see any errors
at all. It loads my cert from the nss db just fine (it used to throw an
error until I added it) and doesn't make another entry, even when the

I saw a number of references saying "read the README.nss file that comes w/
openswan" so I downloaded the latest - no such file!?!

Where do I need to start looking to debug this cert error?

Thanks and God Bless,

Richard W. Pickett, Jr.

P.S. Have you downloaded the journal from my trip to Haiti:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110611/966c88d6/attachment.html 

More information about the Users mailing list