On Thu, 4 Apr 2019, jchludzinski wrote:
I’m running openswan with a secrets file generated by libreswan. It’s
complaining about “PrivateExponent keyword not found where expected in RSA
key”.
Well, there is no “PrivateExponent keyword” in a secrets file generated by
libreswan.
libreswan uses the NSS database for its keys, and not the secrets file.
Openswan did use NSS in RHEL as well, but perhaps you have a non-rhel
openswan. In that case, you will have to regenerate new keys on each
end using their own mechanisms, eg ipsec newhostkey --output
/etc/ipsec.secrets and run ipsec showhostkey to see the public keys
to put in the configurations.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
