[Swan] Cannot compile Libreswan 3.14 and newer on CentOS 5

Tomas France tomfra at centrum.cz
Fri Sep 25 20:13:23 UTC 2015


Trying to compile NSS version from CentOS 6 srpm but so far the compile
fails. I'll keep trying for a while but it may be futile.

Tomas



-----Original Message-----
From: Paul Wouters [mailto:paul at nohats.ca] 
Sent: Friday, September 25, 2015 8:40 PM
To: Tomas France
Cc: swan at lists.libreswan.org
Subject: Re: [Swan] Cannot compile Libreswan 3.14 and newer on CentOS 5

On Fri, 25 Sep 2015, Tomas France wrote:

> Subject: Re: [Swan] Cannot compile Libreswan 3.14 and newer on CentOS 
> 5
> 
> The prelink trick worked, it's all "green" now.
>
> However, both the "ipsec checknss" and "ipsec initnss" commands result 
> in the mentioned error. See below:
>
> ---------------------------------------
> [root at fr4 logs]# ipsec checknss
> Initializing NSS database
> See 'man pluto' if you want to protect the NSS database with a 
> password
>
> certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The 
> certificate/key database is in an old, unsupported format.
> Failed to initialize nss database sql:/etc/ipsec.d

Looks like the RHEL5 version of nss does not support the sql format? I guess
you should grab the nss srpm of centos6 and recompile for centos5

Paul



More information about the Swan mailing list