<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Matt,<br>
<br>
Thanks. That was it.<br>
<br>
Do you know anything about setting up Windoze Phone?<br>
<br>
Nick.<br>
<br>
<div class="moz-cite-prefix">On 27/01/2015 21:25, Matt Rogers wrote:<br>
</div>
<blockquote
cite="mid:20150127212533.GG11623@dhcp153-9.rdu.redhat.com"
type="cite">
<pre wrap="">
On 01/27, Nick Howitt wrote:
</pre>
<blockquote type="cite">
<pre wrap=""> <blockquote><tt>002 forgetting secrets</tt><br>
<tt>002 loading secrets from "/etc/ipsec.secrets"</tt><br>
<tt>002 loading secrets from "/etc/ipsec.d/ipsec.secrets"</tt><br>
<tt>002 could not open host cert with nick name 'alex' in NSS
DB</tt><br>
<tt>003 "/etc/ipsec.d/ipsec.secrets" line 1: NSS certficate not
found</tt><br>
<tt>002 loading secrets from
"/etc/ipsec.d/ipsec.unmanaged.MumIn.secrets"</tt><br>
<tt>002 loading secrets from
"/etc/ipsec.d/ipsec.unmanaged.PaulIn.secrets"</tt><br>
</blockquote>
Similarly loading the conn gives:<br>
<blockquote><tt>ipsec auto --add roadwarriors</tt><br>
<tt>000 leftcert with the nickname "alex" does not exist in NSS db</tt><br>
</blockquote>
Any idea where I've gone wrong?<br>
</pre>
</blockquote>
<pre wrap="">
Did you do the db and cert creation while pluto was running? If so you'll have
to restart pluto. But other than having a locked db with no nsspassword file, it
should not have any trouble finding a certificate by the correct nickname.
Regards,
Matt
</pre>
</blockquote>
<br>
</body>
</html>