[strongSwan] How to flush certificate cache
Martin Willi
martin at strongswan.org
Fri Dec 10 09:52:37 CET 2010
> How can I flush these old entries without having to restart?
While looking at this issue, I pushed a patch that that flushes the
cache with the "ipsec purgecrl" and "ipsec purgex509" commands.
This is, however, insufficient. The certificates are actually never
removed from the backend. Doing so during "ipsec reload" is not trivial,
as we store the certificates independent from the configuration. I'll
try to find a solution.
Regards
Martin
More information about the Users
mailing list