[strongSwan] How to flush certificate cache
Lin, Clifton (US SSA)
clifton.lin at baesystems.com
Wed Dec 8 20:03:46 CET 2010
I am using strongSwan 4.5.0, and I am having a problem where old certificates remain in the certificate cache even after I have removed the certificate file, replaced it with a new one, and reloaded the configuration (using 'ipsec reload'). After doing this, 'ipsec listcerts' returns BOTH the old and new certificate entries. When I try to start the connection again, it fails, I think because it is still trying to use the old certificate information. The only way I have been able to flush the cache is by restarting ipsec using 'ipsec restart'. Then, 'ipsec listcerts' correctly returns only the new certificate entry, and I am able to start the connection.
How can I flush these old entries without having to restart?
More information about the Users