[Swan] Importing keypairs from keytool
Paul Wouters
paul at nohats.ca
Thu Aug 18 21:08:09 UTC 2016
If the auth errors are gone, then the certs and NSS are fine.
Does: ipsec whack --trafficstatus
confirm the tunnel is up?
Sent from my iPhone
> On Aug 18, 2016, at 3:09 PM, Sowmini Varadhan <sowmini.varadhan at oracle.com> wrote:
>
>> On (08/18/16 08:02), Sowmini Varadhan wrote:
>>
>> Thanks in advance for hints,
>
> fwiw, I later noticed that I was missing the entry
>
> : RSA "bds"
>
> in my /etc/ipsec.d/ipsec.secrets. After adding that on each side,
> the auth failure error goes away from the tcpdump trace; however tunnels
> are still not activated.
>
> I've tried doing
>
> right# pk12util -i my.pkcs12 -d /etc/ipsec.d
>
> to avoid the "sql:*" prefix, does not help.
> Feels like I'm really close to getting this to work, but am missing
> some config step.
>
> Hints?
> --Sowmini
>
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
More information about the Swan
mailing list