Hi Paul, Please find the details as below: 1. For creating nssdb in the custom location , we are using the command : certutil -N -d <custom location> -f <custom location>/nsspassword 2. for pointing the libreswan to read nssdb in the custom location , we are using : ipsecdir=<custom location> . Please find attached the content of ipsec.conf 3. For restarting pluto , after creating nssdb in the custom location, we are using the command : ipsec setup restart
Also please find the attachment for the ipsec.conf Regards, Vyshnav -----Original Message----- From: Paul Wouters [mailto:[email protected]] Sent: Wednesday, May 16, 2018 5:16 AM To: Maheshwari, Shagun <[email protected]> Cc: Veetil, Vyshnav <[email protected]>; [email protected] Subject: RE: [EXTERNAL] Re: [Swan-dev] nssdb is pointing to /etc/ipsec.d but it needs to point to the /usr/local/platform/.security/ipsec path provided in /etc/ipsec.conf On Tue, 15 May 2018, Maheshwari, Shagun wrote: > Can you tell us what has been fixed in libreswan 3.23 for nssdb issue? Looking back through git and the changelog, it actually seems all those changes were already in 3.20. So if you have a clear case of where it is not working, please share the exact details of how pluto is started and if it is using an ipsec.conf what, exactly what's in it. And if possible how you created the NSS DB at the non-standard location. Paul
ipsec.conf
Description: ipsec.conf
_______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
