1 files changed, 18 insertions, 32 deletions

diff --git a/debian/strongswan.config b/debian/strongswan.config
index 673c2dcda..eb5f2c2dd 100644
--- a/debian/strongswan.config
+++ b/debian/strongswan.config
@@ -17,39 +17,25 @@ db_go || true
 
 db_get strongswan/create_rsa_key
 if [ "$RET" = "true" ]; then
-    db_input high strongswan/rsa_key_type || true
+    # create a new certificate
+    db_input medium strongswan/rsa_key_length || true
+    db_input high strongswan/x509_self_signed || true
+    # we can't allow the country code to be empty - openssl will 
+    # refuse to create a certificate this way
+    countrycode=""
+    while [ -z "$countrycode" ]; do
+       db_input medium strongswan/x509_country_code || true
+       db_go || true
+       db_get strongswan/x509_country_code
+       countrycode="$RET"
+    done
+    db_input medium strongswan/x509_state_name || true
+    db_input medium strongswan/x509_locality_name || true
+    db_input medium strongswan/x509_organization_name || true
+    db_input medium strongswan/x509_organizational_unit || true
+    db_input medium strongswan/x509_common_name || true
+    db_input medium strongswan/x509_email_address || true
     db_go || true
-
-    db_get strongswan/rsa_key_type
-    if [ "$RET" = "plain" ]; then
-        # create just a plain RSA keypair
-        db_input medium strongswan/rsa_key_length || true
-        db_go || true
-    else
-        # extract the RSA keypair from a x509 certificate
-        db_input high strongswan/existing_x509_certificate || true
-        db_go || true
-
-        # create a new certificate
-        db_input medium strongswan/rsa_key_length || true
-        db_input high strongswan/x509_self_signed || true
-        # we can't allow the country code to be empty - openssl will 
-        # refuse to create a certificate this way
-        countrycode=""
-        while [ -z "$countrycode" ]; do
-           db_input medium strongswan/x509_country_code || true
-           db_go || true
-           db_get strongswan/x509_country_code
-           countrycode="$RET"
-        done
-        db_input medium strongswan/x509_state_name || true
-        db_input medium strongswan/x509_locality_name || true
-        db_input medium strongswan/x509_organization_name || true
-        db_input medium strongswan/x509_organizational_unit || true
-        db_input medium strongswan/x509_common_name || true
-        db_input medium strongswan/x509_email_address || true
-        db_go || true
-    fi
 else
     db_get strongswan/existing_x509_certificate
     if [ "$RET" = "true" ]; then