[Swan] RSA keys help

Kostya Vasilyev kman at fastmail.com
Wed Jan 23 18:42:04 UTC 2019


On Wed, Jan 23, 2019, at 9:28 PM, Paul Wouters wrote:
> On Wed, 23 Jan 2019, Kostya Vasilyev wrote:
> 
> > It would be nice if NSS supported importing / exporting openssl *keys* directly, including private keys, to make key management easier, but I understand it's an external (to libreswan) piece of software.
> 
> Yeah, we have talked to the NSS people about that. It's hard for them to
> do since they try to not allow exporting private keys at all, unless
> wrapped in something (eg like p12) for FIPS reasons.

p12 would be fine - since that opens up a way to exchange with other formats.

But right now importing or exporting to/from NSS seems to be limited to *certificates* not keys...

-- K


More information about the Swan mailing list