[Swan] Importing keypairs from keytool
paul at nohats.ca
Thu Aug 18 21:08:09 UTC 2016
If the auth errors are gone, then the certs and NSS are fine.
Does: ipsec whack --trafficstatus
confirm the tunnel is up?
Sent from my iPhone
> On Aug 18, 2016, at 3:09 PM, Sowmini Varadhan <sowmini.varadhan at oracle.com> wrote:
>> On (08/18/16 08:02), Sowmini Varadhan wrote:
>> Thanks in advance for hints,
> fwiw, I later noticed that I was missing the entry
> : RSA "bds"
> in my /etc/ipsec.d/ipsec.secrets. After adding that on each side,
> the auth failure error goes away from the tcpdump trace; however tunnels
> are still not activated.
> I've tried doing
> right# pk12util -i my.pkcs12 -d /etc/ipsec.d
> to avoid the "sql:*" prefix, does not help.
> Feels like I'm really close to getting this to work, but am missing
> some config step.
> Swan mailing list
> Swan at lists.libreswan.org
More information about the Swan