That did it!
The new strongswan.conf is more like this:
charon {
start-scripts {
# creds = /usr/local/sbin/swanctl --load-creds # <-- this
line was the problem
conns = /usr/local/sbin/swanctl --load-conns # <-- this line
seems to imply loading creds mentioned in
Hi Stephen,
> On startup, swanctl seems to load and then immediately unload the
> private key associated with the "local" cert:
> 10[CFG] loaded RSA private key
> 10[CFG] unloaded private key with id
> 4d12e9d018870dfc33ddd431233ec05a97498ccc
I was able to reproduce this issue. It
I'm using 5.5.2; my configs are here:
https://gist.github.com/sayotte/1fd19aba0043cb20821cde42535486d7
On startup, swanctl seems to load and then immediately unload the
private key associated with the "local" cert:
10[CFG] loaded RSA private key
10[CFG] unloaded private key with id