The X.509 Patch expects its directory strucutre for the certificates at /etc/ipsec.d but on gentoo its reside at /etc/ipsec/ipsec.d. For certs a full path can be given as workaround, but for the private key this is not possible. Possible soultions: - move /etc/ipsec/ipsec.d to /etc/ipsec.d - create a link at /etc to ipsec.d (like i did) - maybe the default path for ipsec.d can configured or patched to the gentoo way
I noticed this with 1.97 as well... It's not really a showstopper, but I'll give you that's it's somewhat annoying. Either we should apply a patch (to the patch of the source... ugh) to change the search paths, documentation, etc, in the X509 patches, or revert to it's defaults. Personally I'd rather have it in a subdirectory anyway - it's a bit cleaner. Perhaps perstering the patch maintainer would be better in the long-haul. And BTW, you can set explicit paths for private keys, in ipsec.secrets use a line like this: : RSA /etc/ipsec/ipsec.d/private/userKey.pem "yourpasswordhere-ifneeded"
*** Bug 12400 has been marked as a duplicate of this bug. ***