On Tue, 23 Feb 2016, Alex wrote:
How did you create your original certificates? You should repeat
the same process for a new certificate. It doesn't much matter
how you do it, as long as you use the same CA for it.
That's kind of the problem - the original certs were created many,
many years ago. I believe it was 2010 when you helped me import them
into NSS, so they were created before even NSS was a thing.
I would not have told you to put the CAcerts into the VPN NSS db, so
you should still have those files somewhere?
I'm familiar with using openssl to create certificates, but it
involves private keys and a CSR.
You can use that too, and then create a PKCS#12 .p12 export file using
openssl.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
