RSA Secret¶

For the private key file both absolute paths or paths relative to /etc/ipsec.d/private are accepted. If the private key file is encrypted, the passphrase must be defined. Instead of a passphrase %prompt can be used which then causes the daemons to ask the user for the password whenever it is required to decrypt the key.

Notation¶

[ <id selectors> ] : RSA <private key file> [ <passphrase> | %prompt ]

Examples¶

: RSA moonKey.pem

: RSA sunKey.der "cjen4*lWnr3jsk"