[Swan] Adding host to subnet VPN

Paul Wouters paul at nohats.ca
Tue Feb 23 18:27:28 UTC 2016

On Tue, 23 Feb 2016, Alex wrote:

>> How did you create your original certificates? You should repeat
>> the same process for a new certificate. It doesn't much matter
>> how you do it, as long as you use the same CA for it.
> That's kind of the problem - the original certs were created many,
> many years ago. I believe it was 2010 when you helped me import them
> into NSS, so they were created before even NSS was a thing.

I would not have told you to put the CAcerts into the VPN NSS db, so
you should still have those files somewhere?

> I'm familiar with using openssl to create certificates, but it
> involves private keys and a CSR.

You can use that too, and then create a PKCS#12 .p12 export file using


More information about the Swan mailing list