Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc/nss-howto.txt still refers to /etc/ipsec.d as the NSS directory location -- should use /var/lib/ipsec/nss #391

Closed
dkg opened this issue Jan 10, 2021 · 1 comment

Comments

@dkg
Copy link
Contributor

dkg commented Jan 10, 2021

I think this is just a bit of cleanup that wasn't done when libreswan transitioned to using /var/lib/ipsec/nss as the default directory for NSS.

@letoams
Copy link
Member

letoams commented Jan 11, 2021

Thanks for the note. It also had some other obsoletes info in it , like secrets file entries for certificates which are not needed.

ovsrobot pushed a commit to ovsrobot/ovs that referenced this issue Feb 14, 2022
Currently ovs-monitor-ipsec script uses the old NSSDB path (/etc/ipsec.d)
to store the connections keys and certificates and initiate these connections
using ipsec command which in turn uses the NSSDB that located in the new
location (see: libreswan/libreswan#391) and that
causes connection issues.

This patch change the default NSSDB path in ovs-monitor-ipsec to match
LibreSwan NSSDB default path.

Signed-off-by: Mohammad Heib <mheib@redhat.com>
Signed-off-by: 0-day Robot <robot@bytheb.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants