[strongSwan] Dynamic update of End Entity Certificate
andreas.steffen at strongswan.org
Thu Jun 21 13:36:08 CEST 2012
I haven't actually tested it, but could you give your new
certificate a different file name, then edit ipsec.conf
and then execute
ipsec down xy
ipsec up xy
which would keep all other connections active?
On 21.06.2012 12:50, divya mohan wrote:
> Thanks for the clarification.
> 'ipsec reload' would be a costly operation since it would terminate
> all the connections and add them back.
> Is there any way to terminate and add back only one connection, out of many?
> Is it possible to achieve a reload of a single connection with 'ipsec'
> tool, by sending stroke down, stroke delete, and then stroke add, for
> Divya Mohan M
> On Mon, Jun 18, 2012 at 2:59 PM, Tobias Brunner <tobias at strongswan.org> wrote:
>> Since the end entity certificates are configured with left|rightcert you
>> have to use 'ipsec reload' to reload them.
> Users mailing list
> Users at lists.strongswan.org
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4489 bytes
Desc: S/MIME Cryptographic Signature
More information about the Users