[strongSwan] ocsp in ikev2

[Martin Willi]

Hi Sriram,

> When I tested this, I saw peers exchanging AuthorityInfoAccess as part of
> certificate data extensions. But I didnt any exchanges happening between
> ocsp server and peer to confirm the validity of certificates.

For OCSP support, you need both the revocation plugin and one of the
fetcher plugins enabled. The curl plugin depends on libcurl and is
usually the better choice, the soup plugin builds upon libsoup/glib.

If you still see no OCSP requests, please provide an excerpt of your
logfile.

Regards
Martin