latin...@vcn.bc.ca wrote: > Hello > > i am testing IKEv2; and because i felt really confuse trying to configure > them; i delete all certs; and i can not find how to re-create them, on FAQ > and misc! > > May somebody help please? > > Thank you.
It's in /etc/rc , function make_keys at line 135: # Generate keys for isakmpd, iked and sshd if they don't exist yet. make_keys() { # ... local _iked_key=/etc/iked/private/local.key local _iked_pub=/etc/iked/local.pub # ... if [[ ! -f $_iked_key ]]; then echo -n "openssl: generating iked ECDSA keys... " if openssl ecparam -genkey -name prime256v1 -out $_iked_key >/dev/null 2>&1 && chmod 600 $_iked_key && openssl ec -out $_iked_pub -in $_iked_key \ -pubout >/dev/null 2>&1; then echo done. else echo failed. fi fi # ... } -Lucas