[strongSwan] How to disable 'CRL' in strongswan.conf?
Yong Choo
yhc at alcatel-lucent.com
Mon Jan 9 20:59:55 CET 2012
Searching in database, I came up on the following in
http://www.mail-archive.com/users@lists.strongswan.org/msg03918.html
So, the question is 'how not to load the revocation plugin when it is
already enabled by default?'
-----Original Message-----
From: Andreas Steffen [mailto:andreas.stef... at strongswan.org]
Sent: jeudi 24 novembre 2011 12:51
To: ABULIUS, MUGUR (MUGUR)
Cc: users at lists.strongswan.org; SCARAZZINI, FABRICE (FABRICE); Pisano, Stephen
G (Stephen); WASNIEWSKI, ALAIN (ALAIN)
Subject: Re: [strongSwan] How to bypass CRL checks?
Hello Mugur,
with IKEv2 revocation checks can be easily disabled by not loading the
revocation plugin. What is not possible is to disable CRL checking on a per
connection definition basis.
Regards
Andreas
On 1/9/2012 12:30 PM, Yong Choo wrote:
> Hi,
> Looking at http://wiki.strongswan.org/projects/1/wiki/441,
> OCSP/CRL checking in IKEv2 has been moved to the revocation plugin,
> enabled
> by default. Plase update manual load directives in strongswan.conf.
>
> How can I disable this plugin dynamically? We have a need of
> dynamically controlling the loading of plugin at run-time.
>
> Thanks Much,
> -Yong Choo
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120109/5dbcf05b/attachment.html>
More information about the Users
mailing list