[strongSwan] Different values for the option strictcrlpolicy
ABULIUS, MUGUR (MUGUR)
mugur.abulius at alcatel-lucent.com
Tue Nov 22 17:36:40 CET 2011
Hi Martin,
Thank you for your help.
On our strongSwan systems we want to switch on/off the
CRL checks. If the check is switched off then even if received
certificate specifies a CDP extension toward an accessible
remote CRL we don't want that strongSwan rejects the IKE
connection even if the serial number of certificate is
specified by the CRL as no more valid. Do you think that we
can set-up strongSwan for this capability? If yes what should
be the value for strictcrlpolicy in this case?
Thank you
Mugur
More information about the Users
mailing list