Hi everyone! I’m a little bit of a noob, so I hope someone here can help me with some trouble I’m experiencing with nm-strongswan.
I followed the official guide[^1] to generate certificates and keys. In particular, I generated the keys with pki --gen --outform pem > peer.key.pem This tool, regardless of the pem format, does not require to set up a password for the key, nor was I able to find an option in the manual to do so. When trying to configure my VPN, though, nm-strongswan asks for the password of the key, without ever allowing me to proceed without providing one. This causes charon to fail at opening the key with errors like: dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] opening '$path_to_key' failed: Permission denied dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 7 builders I think this might be a bug (I would expect nm-strongswan to detect when the key is password-protected and when not) but I’d like to hear someone else’s thoughts before reporting it. In case it has any relevance, I’m on arch running networkmanager- strongswan 1.4.1-1 and strongswan 5.5.1-2 (both from the AUR). Also, as a possible workaround, I’d be grateful if anyone could suggest a way to generate a password-protected key. With my best wishes, Nicola Feltrin PS: I also asked on the irc, if I get answers there I’ll post them here for archiving purposes and in case anyone else need them :) [^1]: https://wiki.strongswan.org/projects/strongswan/wiki/SimpleCA
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
