[strongSwan] crlcheckinterval in charon
kgardenia42
kgardenia42 at googlemail.com
Sat Feb 9 00:41:50 CET 2013
Hi,
I notice that crlcheckinterval is not included in strongswan 5.x. Is
this just a case of it not having been implemented yet or has the
feature been deliberately removed?
If the latter then what is the expected way to "poll" a crluri to
check for modifications? I know about OCSP but the realtime check is
too expensive in my situation so the static file with periodic check
is ideal.
I suppose I could replicate my own version home-grown of
"crlcheckinterval" by having a cron/agent do an If-Modified-Since
check on the CRL URL every so often and somehow tell charon to re-read
the list if it is modified. But that is extra moving parts I'd
ideally like to avoid.
Alternatively, is there any command-line mechanism to tell charon to
re-read the crluri? If that exists then I could just have a cron
which periodically tells charon to re-check it.
Thanks.
More information about the Users
mailing list