latin...@vcn.bc.ca wrote:
> Hello
>
> i am testing IKEv2; and because i felt really confuse trying to configure
> them; i delete all certs; and i can not find how to re-create them, on FAQ
> and misc!
>
> May somebody help please?
>
> Thank you.
It's in /etc/rc , function make_keys at line 135:
# Generate keys for isakmpd, iked and sshd if they don't exist yet.
make_keys() {
# ...
local _iked_key=/etc/iked/private/local.key
local _iked_pub=/etc/iked/local.pub
# ...
if [[ ! -f $_iked_key ]]; then
echo -n "openssl: generating iked ECDSA keys... "
if openssl ecparam -genkey -name prime256v1 -out $_iked_key
>/dev/null 2>&1 &&
chmod 600 $_iked_key &&
openssl ec -out $_iked_pub -in $_iked_key \
-pubout >/dev/null 2>&1; then
echo done.
else
echo failed.
fi
fi
# ...
}
-Lucas
