[strongSwan] [strongSwan IKEv2] Issue in CA certificate updates

Martin Willi martin at strongswan.org
Thu Jun 3 10:28:25 CEST 2010


> This is incorrect as the Certificate of peer is signed by previous CA
> certificate, which has been deleted in step 4 above.

The certificate is probably still in the cache, and therefore accepted.
There is currently no way to flush the cache externally, you'll have to
restart the daemon.


More information about the Users mailing list