Some very quick feedback.
I migrated our systems earlier this year from Openswan on Ubuntu to
Libreswan. Coming from this background the big issue was NSS. All the
Ubuntu systems were set up with X.509 certificates and private keys in
separate files and suddenly there was a need for know about this weird
thing called NSS and, before that, why doesn't Libreswan recognise my
existing certificates etc.
Hence, the first thing I looked for on the HowTo was a big upfront
warning about the change to NSS. There is some text on this later on,
but it is easy to miss the significance of this and, where are the links
to the wiki page on NSS - which would be so useful for someone coming
from this background.
Thus my feedback is that the removal of the X.509 file support and the
need to understand how to use NSS should be right up front together with
the link to the NSS page.
Regards
Tony Whyman
MWA
On 09/12/15 14:45, Paul Wouters wrote:
Hi,
I've expanded the openswan migration document to contain a lot more
information about possible changed behaviour and manual changes needed
for a smooth migration from openswan to libreswan.
If you have done this migration, it would be great if you could have a
look at the document and tell me if you ran into anything that isn't
mentioned on this page:
https://libreswan.org/wiki/HOWTO:_openswan_to_libreswan_migration
Note that this mostly talks about openswan -> libreswan-3.15+
Some people have found issues in migrating with earlier libreswan
versions, which we have addressed since then.
The reason I did the write up is to better support those running
RHEL6 that are going to migrate from openswan to libreswan voluntarily
in RHEL-6.7 (using the Extras channel), or when forced to migrate in
RHEL-6.8.
Thanks!
Paul
_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan
_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan
