On Thu, 20 Oct 2011, Harald Jenny wrote:
Date: Thu, 20 Oct 2011 15:06:07
From: Harald Jenny <[email protected]>
Cc: [email protected]
To: Paul Wouters <[email protected]>
Subject: ipsec showhostkey question
X-Spam-Flag: NO
Hi Paul,
I currently have the following bugreport pending in Debian:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633067
Is showhostkey even supposed to work on an X509 certificate? If yes, shouldn't
it be able to read PEM as well, perhaps even with encrypted private files?
showhostkey is only for use with raw RSA keys
(note that unlike twhat the poster said, raw RSA is not at all
obsoleted by X.509. Also, we don't really use DER encoding anywhere,
but stick to PEM encoding.
The error happens because no raw RSA key is created on first start by
Debian, unlike in upstreams init script.
Paul
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
