[strongSwan] Strongswan IKEv2 Stack (charon): Are the Tunnels brought automatically down if peer or own Certificate is detected as revoked or expired at runtime.

Sajal Malhotra sajalmalhotra at gmail.com
Fri Nov 14 11:29:46 CET 2014


Had a query regarding Certificate Expiration and revocation logic used in

If a IKEv2 tunnel is *already established with a peer, *then is this tunnel
brought down *automatically *by strongswan in case of any of the following
conditions become true:
1. If we provide updated CRL to the stack in which any cert of peer's trust
chain is revoked
2. Any certificate in our or peer's trust chain gets expired at runtime.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141114/8ba0cd09/attachment.html>

More information about the Users mailing list