FreeS/WAN 1.96 should be accompanied by X.509 patch version 0.9.9
which already supports the form
: RSA key.pem "<optional passphrase>"
The passphrase is needed if the key is protected by 3DES
encryption. Don't forget to terminate the line by a newline.
fswcert is not used any more.
Regards
Andreas
Hery Zo RAKOTONDRAMANANA wrote:
> Hi all,
>
> I'm trying to setup a VPN connection between two debian woody 2.4.18
> freeswan patched kernel with x509 certificates.
> freeswan is 1.96-1.2
> Reading the docs informed me it already contains x509 patch, somehow I
> don't find fswcert tool.
>
> While following Marcus Muller's doc on vpn.ebootis.de, I have some
> troubles after generating my certificates.
>
> My /etc/ipsec.secrets only contains this:
>
> # -- not filled in because ipsec.secrets existed at build time --
>
>
> My question is: how do I use extract my private key so that I can
> include it in my /etc/ipsec.secrets file?
>
> I've already tried fswcert -c --right -format DER /etc/x509.der but I'm
> not sure about the result since Marcus's doc says that my ipsec.secrets
> should contain the following:
> : RSA host.example.com.key "password"
>
>
> Any clue about this would be greatly appreciated.
>
> Regards.
>
-- ====================================================================== Andreas Steffen e-mail: andreas.steffen_at_strongsec.com strongSec GmbH phone: +41 76 340 25 56 Alter Zürichweg 20 home: http://www.strongsec.com CH-8952 Schlieren (Switzerland) ==========================================[strong internet security]==_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST