[strongSwan] ipsec pki --gen
Andreas Steffen
andreas.steffen at strongswan.org
Tue Jul 24 20:19:19 CEST 2012
Hi Brian,
it seems that your system cannot provide sufficient entropy since
ipsec pki relies on /dev/random to provide true random keys.
As a workaround I recommend e.g. to add your sound card as an
entropy source or if you have a TPM chip on your motherboard to
enable it.
Best regards
Andreas
On 07/24/2012 06:46 PM, Brian Fernald wrote:
> Hi -
>
> Trying to setup a CA and self-signed certs... no getting past the very first step ;
>
> ipsec pki --gen > caKey.der
>
> This just hangs.. have tried debug, etc.. can't get any errors...
>
> Any ideas ? This is 4.6.4 strongswan.
>
> Thanks!
> Brian
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list