[CentOS] Libreswan PEM format
Glenn Pierce
glennpierce at gmail.com
Fri Apr 1 14:58:36 UTC 2016
Typical I think I just did it .
I downloaded a perl script to do it at
https://git.dn42.us/ryan/pubkey-converter/raw/master/pubkey-converter.pl
First I did
ipsec showhostkey --right > right.pub
I then edited the file to remove the ipsec key = line
Then I converted with
perl pubkey-converter.pl -p < right.pub > /home/glenn/right.pub
On 1 April 2016 at 15:44, Glenn Pierce <glennpierce at gmail.com> wrote:
> Sorry but I have looked for over two days. Trying every command I could find.
>
> There is obviously a misunderstanding somewhere.
>
> After generating a key pair with
> ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets
>
> I exported to a file with
> ipsec showhostkey --ipseckey > file
>
> The man pages says
> ipsec showhostkey outputs in ipsec.conf(5) format,
>
> Ie
>
>
> ***.server.net. IN IPSECKEY 10 0 2 .
> AQPs3gZ6GBRJSoy/6RxrL/cMv0JnYEKR/SYmXUCVlkBFNi2D7VJsa17ffvmBUjLLD6/T72M31JvlPhkSzK/YSPpoh8hNtSB4IDlD2WGks+hYlnQ4ZSOaj5LHFRFochUVQAiSWgx4OnvI9cYrj+rDZL/0vtGeLDJiLeTSj3DLfWCi2DG/LzZ1ukQMQCETMb6vZ9YcC21iQUNxEHLVJlTSltVdpyWnWfKvoQ9K3NFiVVsXZ0+puQCHWJqp1OQtesaSCQNzeUgjmhm5W+kVzQ1NkeCz6Me0iQEIzH+b6gdJrjRzgwhU1ZRXfthP4QiIANh9C9uI2VGj1tM05qXm2Ps9KZiholyQSKmjZNXU1RBzQdc2T09WsGRBPFprH8k3nN2MpWkWj1Tljawx7uRoCWtH0UkOhe04kPzZ4M5CHplNEM7fO05DraRt7F99oN2cYuRHCzLD53QwdS8ptw3G1FCiSK7+v3klE0zemBToknFAT5Oy5XiHILLkNccjXmJ12eyw1qUX/jM7r+COGQQfefYbv8fokxJy+dSB2JmPqOT05ssvMw==
>
>
> is this the format openssl is meant to beable to convert ? or is the
> an intermediate step I am missing as like I said not command I found
> seems to work.
>
>
> On 1 April 2016 at 14:35, Eero Volotinen <eero.volotinen at iki.fi> wrote:
>> It works, try googling for openssl pem conversion
>> 1.4.2016 4.32 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti:
>>
>>> I have tried
>>> openssl rsa -in bicester_left.pub -outform pem > bicester_left.pem
>>>
>>> I get
>>> unable to load Private Key
>>> 140372295030648:error:0906D06C:PEM routines:PEM_read_bio:no start
>>> line:pem_lib.c:701:Expecting: ANY PRIVATE KEY
>>>
>>>
>>>
>>> On 1 April 2016 at 13:59, Eero Volotinen <eero.volotinen at iki.fi> wrote:
>>> > You can do any kind of format conversions with openssl commandline
>>> client.
>>> >
>>> > Eero
>>> > 1.4.2016 3.56 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti:
>>> >
>>> >> Hi I am trying to setup a libreswan vpn between centos 7 and a Mikrotik
>>> >> router.
>>> >>
>>> >> I am try to get the keys working. My problem is the Mikrotik router
>>> >> wants the key in PEM format
>>> >>
>>> >> How do I export the keys generated with ipsec newhostkey
>>> >> into PEM format ?
>>> >>
>>> >>
>>> >> Thanks
>>> >> _______________________________________________
>>> >> CentOS mailing list
>>> >> CentOS at centos.org
>>> >> https://lists.centos.org/mailman/listinfo/centos
>>> >>
>>> > _______________________________________________
>>> > CentOS mailing list
>>> > CentOS at centos.org
>>> > https://lists.centos.org/mailman/listinfo/centos
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list