# ipsec + CAcert.org

## r4d1x

Is it possible to use CAcert.org certs for a racoon ipsec setup?  I would like to use 2048bit keys that are not self-signed.  The only problem that I am running into is that the keys are password protected rather than having a cert and key pem.  Anyone have experience with this?

----------

## thunder

you can use whatever self-signed certs and certs from CA it doesn't matter if only certs are x509.

----------

## r4d1x

ok thx.  I thought I had read somewhere that racoon cant use certs that are password protected.

----------

## thunder

Like every daemon. you should remove password from certificate by using openssl.

----------

