[Swan] unable to locate my private key for RSA Signature

Paul Wouters paul at nohats.ca
Wed Jan 30 20:37:35 UTC 2019

On Wed, 30 Jan 2019, LAURIA Giuseppe wrote:

> We are using libreswan between two different RedHat Servers and want to do host-to-host transport tunnel encryption to port
> 8080.

> I initialized NSS DB
> ipsec initnss
> I created two new keys on each box
> ipsec newhostkey

Please for now use: ipsec newhostkey --output /etc/ipsec.d/yourconn.secrets

due to a bug, it is neccessary to have the secrets file to find our raw
RSA keys :(


More information about the Swan mailing list