[root@west linux-audit-01]# certutil -d sql:/etc/ipsec.d -K
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and
Certificate Services"
< 0> rsa b49f1aac9e456e7929c881973a0c6ad37f0f0350 (orphan)
[root@west linux-audit-01]# echo '@psk-west-v2 @psk-east-v2: PSK
"ThisIsHereToMisMatch"' >> /etc/ipsec.secrets
[root@west linux-audit-01]# echo ': PSK "test"' >> /etc/ipsec.secrets
[root@west linux-audit-01]# ipsec start
Redirecting to: systemctl start ipsec.service
[root@west linux-audit-01]# /testing/pluto/bin/wait-until-pluto-started
[root@west linux-audit-01]# certutil -d sql:/etc/ipsec.d -K
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and
Certificate Services"
certutil: no keys found
I'm confused what is killing these. It does not seem to be ipsec checknss which
is called in the service file.
Anyone else seeing this?
I don't see any changes in the ipsec.service and the keys are there
after swan-prep finished. Once pluto is started, they are gone ?
Paul
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
