On Thu, 17 Sep 2020 at 16:13, Paul Wouters wrote:
> On Wed, 16 Sep 2020, Andrew Cagney wrote:
>
> > First, I believe ikev2-03-basic-rawrsa-ckaid is fixed. It uses
> the CKAID to directly locate the raw key in the NSS DB. To confirm it is
> > working, look in west.pluto.log for "CKAID".The use c
On Wed, 16 Sep 2020, Andrew Cagney wrote:
First, I believe ikev2-03-basic-rawrsa-ckaid is fixed. It uses the CKAID to
directly locate the raw key in the NSS DB. To confirm it is
working, look in west.pluto.log for "CKAID".The use case for this test is
pretty easy:- generate the raw key
- use
On Thu, 17 Sep 2020 at 12:42, Antony Antony wrote:
> On Wed, Sep 16, 2020 at 10:35:07PM -0400, Andrew Cagney wrote:
> > First, I believe ikev2-03-basic-rawrsa-ckaid is fixed. It uses
> the CKAID to
> > directly locate the raw key in the NSS DB. To confirm it is working,
> look in
> > west.pluto
On Wed, Sep 16, 2020 at 10:35:07PM -0400, Andrew Cagney wrote:
> First, I believe ikev2-03-basic-rawrsa-ckaid is fixed. It uses the CKAID to
> directly locate the raw key in the NSS DB. To confirm it is working, look in
> west.pluto.log for "CKAID".
add an empty file ipsec.secrets in the test di
First, I believe ikev2-03-basic-rawrsa-ckaid is fixed. It uses
the CKAID to directly locate the raw key in the NSS DB. To confirm it is
working, look in west.pluto.log for "CKAID".
The use case for this test is pretty easy:
- generate the raw key
- use certutil to find the ckaid
- add ...ckaid= t