Hi Roberts, > Description: I want to set up 2000 IKEv2 cert based tunnels.
And you need to use separate private keys for each tunnel to identify your peer/host? > Problem: After applying the configuration, I see that load of private > keys cannot finish as ipsec is restarting after 10s. That timeout is hardcoded in starter (invokecharon.c). You could try charon-systemd/swanctl as alternative (but there might be a timeout too if the credentials are loaded via systemd unit). But again, why would you need to load that many private keys in the first place? Regards, Tobias
