[strongSwan] ipsec.secrets file is missing
Kapil Athi
kapil20084 at gmail.com
Mon Jun 6 15:55:09 CEST 2016
Hi Folks,
Thanks for adding me into Strongswan User Community!
I need some info on how "/etc/ipsec.secrets" file is installed/generated.
In my current development environment with strongswan 5.3.2, i see
/etc/ipsec.secrets file is missing after installation, so need some info to
understand how "ipsec.secrets" is created, so i can debug this.
i am using yocto based enviroment with linux 3.12
yocto ver : 1.6
Strongswan version used: 5.3.2
Linux kernel : 3.12 (Mentor embedded linux - MEL)
strongswan recipe :
http://git.openembedded.org/meta-openembedded/tree/meta-networking/recipes-support/strongswan/strongswan_5.3.2.bb
With the above Strongswan recipe, i have compiled and installed the
strongswan 5.3.2.
After bootup, i see that "/etc/ipsec.secrets" file is not created. Even, in
the MEL built rootfs, i don't see the file /etc/ipsec.secrets.
Now, i can manually create this file and start using it, but i wanted to
learn why this file is missing in the first place.
Can somebody tell me, if /etc/ipsec.secrets file will created at compile
time or during run time ? if so, can you give me some suggestion on where
to look, if the ipsec.secrets file is missing.
FYI. Earlier i was using strongswan 5.1.1 and 5.2.1, and ipsec.secrets
always used to be there.
Error Log:
=======
daemon.info charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
* daemon.info <http://daemon.info> charon: 00[CFG] opening secrets file
'/etc/ipsec.secrets' failed: No such file or directory*
Logs:
====
authpriv.info ipsec_starter[590]: Starting strongSwan 5.3.2 IPsec
[starter]...
daemon.info charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.2,
Linux 3.12.19-rt30, ppc)
daemon.info ipsec[590]: Starting strongSwan 5.3.2 IPsec [starter]...
daemon.info charon: 00[KNL] received netlink error: Operation not
supported (95)
daemon.info charon: 00[KNL] unable to create IPv6 routing table rule
daemon.info charon: 00[KNL] unable to create IPv4 routing table rule
daemon.info charon: 00[KNL] received netlink error: Operation not
supported (95)
daemon.info charon: 00[KNL] unable to create IPv6 routing table rule
daemon.info charon: 00[CFG] loading ca certificates from
'/etc/ipsec.d/cacerts'
daemon.info charon: 00[CFG] loading aa certificates from
'/etc/ipsec.d/aacerts'
daemon.info charon: 00[CFG] loading ocsp signer certificates from
'/etc/ipsec.d/ocspcerts'
daemon.info charon: 00[CFG] loading attribute certificates from
'/etc/ipsec.d/acerts'
daemon.info charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
daemon.info charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
* daemon.info <http://daemon.info> charon: 00[CFG] opening secrets file
'/etc/ipsec.secrets' failed: No such file or directory*
daemon.info charon: 00[LIB] loaded plugins: charon aes des rc2 sha1 sha2
md5 random nonce x509 revocation constraints pubke
daemon.info charon: 00[JOB] spawning 16 worker threads
Thanks
Kapil.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160606/06c93182/attachment.html>
More information about the Users
mailing list