[Swan] Adding host to subnet VPN
Paul Wouters
paul at nohats.ca
Tue Feb 23 18:27:28 UTC 2016
On Tue, 23 Feb 2016, Alex wrote:
>> How did you create your original certificates? You should repeat
>> the same process for a new certificate. It doesn't much matter
>> how you do it, as long as you use the same CA for it.
>
> That's kind of the problem - the original certs were created many,
> many years ago. I believe it was 2010 when you helped me import them
> into NSS, so they were created before even NSS was a thing.
I would not have told you to put the CAcerts into the VPN NSS db, so
you should still have those files somewhere?
> I'm familiar with using openssl to create certificates, but it
> involves private keys and a CSR.
You can use that too, and then create a PKCS#12 .p12 export file using
openssl.
Paul
More information about the Swan
mailing list