Hi, In Centos 7.4, Pluto crashes in FIPS mode : Because it expects the password in below format "NSS FIPS 140-2 Certificate DB:nsspassword" But it is currently the nsspassword is " NSS Certificate DB:nsspassword" in the nsspassword files: 1./etc/ipsec.d/nsspassword 2:we use our custom nss db location ,in that file also its same. when we change this nsspassword file to "NSS FIPS 140-2 Certificate DB:nsspassword" pluto comes up fine. But still the NSS authentication is failing with the below error in logs: Jun 27 12:36:11: authentication of "NSS FIPS 140-2 Certificate DB" failed Jun 27 12:36:11: FATAL: NSS initialization failure
ipsec status is failing with below sniippets : Process: 21004 ExecStop=/usr/libexec/ipsec/whack --shutdown (code=exited, status=1/FAILURE) Jun 27 14:52:48 centos systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec. I was using CentOS Linux release 7.4.1708 (Core) with libreswan-3.20-3.el7.x86_64. Can you please help me to resolve this issue. Regards, Vyshnav
_______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
