Hi Dariusz, > What's the correct way of passing private key passphrases to scepclient? You can't, it doesn't support encrypted private keys. > Does it use the information in /etc/ipsec.secrets or is there another > way? It doesn't. You have to decrypt the key to use it with scepclient. Regards, Tobias