FILES section of the manpage for ipsec.secrets (from package Openswa) says it should reside in /etc/ipsec.secrets Gentoo patches to Openswan moved the config files from /etc to /etc/ipsec but manpage documentation was not updated accordingly Reproducible: Always Steps to Reproduce: 1. man ipsec.secrets => FILES => /etc/ipsec.secrets 2. putting the file there reports ipsec not to find any RSA key (in my case) 3. move ipsec.secrets to /etc/ipsec/ and it works Actual Results: /var/log/messages reports " #1: I am sending a certificate request #1: unable to locate my private key for RSA Signature" Expected Results: #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 Just correct the manpage. I've been confused for months looking elsewhere for the cause.
Sorry you had to learn the hard way, and thanks for bothering to report your discovery. Assigning to openswan maintainer.
(In reply to comment #0) > Just correct the manpage. I've been confused for months looking elsewhere for > the cause. Just fixed in 2.4.15-r1 ;) You'll be happy to learn that =net-misc/openswan-2.6* no longer alter the config files path, although I guess it would stay p.masked for a while. On September the 21th it will be a year since I've started to wait for upstream to finally fix L2TP breakages on this branch. And upstream still advertise 2.6 branch as stable although L2TP is the main reason peeps are using openswan in the first place! So please, don't try to drop your frustrations on me. I took more than one for the team and you didn't even noticed it. Funny thing is I didn't even changed the default paths in the first place, it was like this the moment I've took this package under my wing (check http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/, version 2.4.4).
