Sorry but I have looked for over two days. Trying every command I could find. There is obviously a misunderstanding somewhere. After generating a key pair with ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets I exported to a file with ipsec showhostkey --ipseckey > file The man pages says ipsec showhostkey outputs in ipsec.conf(5) format, Ie ***.server.net. IN IPSECKEY 10 0 2 . AQPs3gZ6GBRJSoy/6RxrL/cMv0JnYEKR/SYmXUCVlkBFNi2D7VJsa17ffvmBUjLLD6/T72M31JvlPhkSzK/YSPpoh8hNtSB4IDlD2WGks+hYlnQ4ZSOaj5LHFRFochUVQAiSWgx4OnvI9cYrj+rDZL/0vtGeLDJiLeTSj3DLfWCi2DG/LzZ1ukQMQCETMb6vZ9YcC21iQUNxEHLVJlTSltVdpyWnWfKvoQ9K3NFiVVsXZ0+puQCHWJqp1OQtesaSCQNzeUgjmhm5W+kVzQ1NkeCz6Me0iQEIzH+b6gdJrjRzgwhU1ZRXfthP4QiIANh9C9uI2VGj1tM05qXm2Ps9KZiholyQSKmjZNXU1RBzQdc2T09WsGRBPFprH8k3nN2MpWkWj1Tljawx7uRoCWtH0UkOhe04kPzZ4M5CHplNEM7fO05DraRt7F99oN2cYuRHCzLD53QwdS8ptw3G1FCiSK7+v3klE0zemBToknFAT5Oy5XiHILLkNccjXmJ12eyw1qUX/jM7r+COGQQfefYbv8fokxJy+dSB2JmPqOT05ssvMw== is this the format openssl is meant to beable to convert ? or is the an intermediate step I am missing as like I said not command I found seems to work. On 1 April 2016 at 14:35, Eero Volotinen <eero.volotinen at iki.fi> wrote: > It works, try googling for openssl pem conversion > 1.4.2016 4.32 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: > >> I have tried >> openssl rsa -in bicester_left.pub -outform pem > bicester_left.pem >> >> I get >> unable to load Private Key >> 140372295030648:error:0906D06C:PEM routines:PEM_read_bio:no start >> line:pem_lib.c:701:Expecting: ANY PRIVATE KEY >> >> >> >> On 1 April 2016 at 13:59, Eero Volotinen <eero.volotinen at iki.fi> wrote: >> > You can do any kind of format conversions with openssl commandline >> client. >> > >> > Eero >> > 1.4.2016 3.56 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: >> > >> >> Hi I am trying to setup a libreswan vpn between centos 7 and a Mikrotik >> >> router. >> >> >> >> I am try to get the keys working. My problem is the Mikrotik router >> >> wants the key in PEM format >> >> >> >> How do I export the keys generated with ipsec newhostkey >> >> into PEM format ? >> >> >> >> >> >> Thanks >> >> _______________________________________________ >> >> CentOS mailing list >> >> CentOS at centos.org >> >> https://lists.centos.org/mailman/listinfo/centos >> >> >> > _______________________________________________ >> > CentOS mailing list >> > CentOS at centos.org >> > https://lists.centos.org/mailman/listinfo/centos >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos