Thanks Paul. It just throws that INTERNAL ERROR output when i just run "ipsec verify " other than that ipsec functionality works fine.
Do you see any other obsolete config on ipsec.conf which i have attached to this email thread earlier ?. ~Madhan On Sun, Jul 7, 2019 at 11:48 PM Paul Wouters <[email protected]> wrote: > On Sun, 7 Jul 2019, Madhan Raj wrote: > > > I am getting an below warning > > > > Pluto ipsec.secret syntax INTERNAL ERROR - unknown rcode:WARNING > > 003 "/etc/ipsec.d/secrets/ 1207277490.secrets" line 1: WARNING: The :RSA > secrets entries for X.509 certificates are no longer needed > > > > my secrets file entry:- > > [root@cucm-117 ~]# cat /etc/ipsec.d/secrets/1207277490.secrets > > : RSA "ipsec-db" > > You can remove this line from /etc/ipsec.d/secrets/1207277490.secrets > For certificates, libreswan finds the secret key inside the NSS database, > without needing > this : RSA "certname" entry. > > I am surprised this has somehow became an INTERNAL ERROR. It is supposed > to be only a warning. > > Paul >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
