[Swan-dev] NSS Password file "/etc/ipsec.d/nsspassword" for token "OpenDNSSEC" could not be opened for reading
paul at nohats.ca
Sat Jan 11 23:06:50 UTC 2020
I'm confused why I am seeing:
002 "ikev2-westnet-eastnet-x509-cr" #1: NSS Password file "/etc/ipsec.d/nsspassword" for token "OpenDNSSEC" could not be opened for reading
I did install softhsm and opendnssec for testing on my laptop and I see
this during namespace based testing. I'm just confused why NSS is
looking there? When we ran ipsec initnss, we initizlised the database
without pointing to any softhsm or other token kind? What part of
nss is picking this up?
I've added a sanizier for "OpenDNSSEC", which at least resolves the
false positives during testing for me.
More information about the Swan-dev