[strongSwan] Certificate expiration for active IPsec connections
martin at strongswan.org
Thu Apr 1 16:00:31 CEST 2010
> What does strongSwan for an active IPsec connection authenticated with
> certificates when the certificate validity period expires?
We currently do not close a tunnel if the certificate expires.
If you want to enforce such a policy, you'd need to do reauthentication
(i.e. close and reestablish the tunnel) periodically.
More information about the Users