On 01/27, Nick Howitt wrote: > <blockquote><tt>002 forgetting secrets</tt><br> > <tt>002 loading secrets from "/etc/ipsec.secrets"</tt><br> > <tt>002 loading secrets from "/etc/ipsec.d/ipsec.secrets"</tt><br> > <tt>002 could not open host cert with nick name 'alex' in NSS > DB</tt><br> > <tt>003 "/etc/ipsec.d/ipsec.secrets" line 1: NSS certficate not > found</tt><br> > <tt>002 loading secrets from > "/etc/ipsec.d/ipsec.unmanaged.MumIn.secrets"</tt><br> > <tt>002 loading secrets from > "/etc/ipsec.d/ipsec.unmanaged.PaulIn.secrets"</tt><br> > </blockquote> > Similarly loading the conn gives:<br> > <blockquote><tt>ipsec auto --add roadwarriors</tt><br> > <tt>000 leftcert with the nickname "alex" does not exist in NSS > db</tt><br> > </blockquote> > Any idea where I've gone wrong?<br>
Did you do the db and cert creation while pluto was running? If so you'll have to restart pluto. But other than having a locked db with no nsspassword file, it should not have any trouble finding a certificate by the correct nickname. Regards, Matt _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
