[strongSwan] ipsec rereadcrls command effect

Martin Willi martin at strongswan.org
Thu Jun 6 10:09:33 CEST 2013

Hi Anuj,

> Does by executing this command, already established Ipsec SA  would be
> destroyed in case revoked certificates are used in establishing the tunnel?

No, the tunnel stays alive, certificates are not re-checked. The next
reauthentication would fail, closing the tunnel.


More information about the Users mailing list