On Fri, Oct 23, 2009 at 1:28 PM, Timothy Murphy <gayleard@xxxxxxxxxx> wrote: > Ralph Angenendt wrote: > >> I just got told that you have to feed all certificates to nss storage >> instead of having them in pem files. >> >> See README.nss for more hints. > > I found these remarks, as also /usr/share/doc/openssh-4.3p2/README.nss, > more or less unintelligible. It's README.nss in the openswan documentation which comes with the openswan-doc package. > Does one really "have to" do this? Yes. Upstream seems to want to be FIPS 140-2 compliant. I wonder why there aren't *ANY* warnings in upstream's release notes regarding that. Sorry, we didn't catch that during QA as nobody doing so had openswan configured :) Regards, Ralph _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: upgrade to 5.4 openswan broke
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: upgrade to 5.4 openswan broke
- From: Ralph Angenendt <ralph.angenendt@xxxxxxxxx>
- Date: Fri, 23 Oct 2009 14:08:11 +0200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <hbs425$7sa$1@xxxxxxxxxxxxx>
- References: <1256268790.11140.31.camel@xxxxxxxxxxxxxxxxxxx> <7d344fd40910230416h43442a82k7918fec1dd20bf31@xxxxxxxxxxxxxx> <hbs425$7sa$1@xxxxxxxxxxxxx>
- References:
- upgrade to 5.4 openswan broke
- From: Myron Williams
- Re: upgrade to 5.4 openswan broke
- From: Ralph Angenendt
- Re: upgrade to 5.4 openswan broke
- From: Timothy Murphy
- upgrade to 5.4 openswan broke
- Prev by Date: XFS might be available for i686 from the CentOS Plus repository.
- Next by Date: can't "yum install mplayer" : no libmpcdec.so.3 available
- Previous by thread: Re: upgrade to 5.4 openswan broke
- Next by thread: update 5.4 problem using yum
- Index(es):
 |