[Swan-dev] [EXTERNAL] Re: nssdb is pointing to /etc/ipsec.d but it needs to point to the /usr/local/platform/.security/ipsec path provided in /etc/ipsec.conf

Tuomo Soini tis at foobar.fi
Wed May 16 06:56:57 UTC 2018

On Wed, 16 May 2018 05:49:10 +0000
"Veetil, Vyshnav" <Vyshnav.Veetil at harman.com> wrote:

> Hi Paul,
> Please find the details as below:
> 1. For creating nssdb in the custom location , we are using the
> command : certutil -N -d <custom location> -f <custom
> location>/nsspassword 2. for pointing the libreswan to read nssdb in
> location>the custom location , we are using : ipsecdir=<custom
> location>location> . Please find attached the content of ipsec.conf
> location>location> 3. For restarting pluto , after creating nssdb in
> location>location> the custom location, we are using the command :
> location>location> ipsec setup restart
> Also please find the attachment for the ipsec.conf

That will not work with 3.20 any more.

nsspassword is searched from ipsecdir - because that is a config file
for pluto, not nss.
certificate databases are searched from nssdir

So if you want to have both of those files in custom location, you
should have both ipsecdir and nssdir pointing to same location.

ps. I'd like to point this discussion is out of topic in swan-dev.
Please use swan at lists.libreswan.org list next time when you have
questions about configuring libreswan. This list is dedicated to
discussion of development of libreswan.

Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>

More information about the Swan-dev mailing list