[strongSwan] ipsec purgecerts will purge CA certs

Pavan Maganti pavansanjay at gmail.com
Wed Feb 4 15:25:07 CET 2015


Hi,

Currently i have an issue with CA certs which is as follows.
My requirement is to add/remove additional root CA cert with out restarting
IPSEC.

When the CA cert is added under /etc/ipsec.d/cacerts/ folder and executing
"ipsec rereadcacerts" command reflects the certificate under "ipsec
listcacerts". However, when i delete the CA cert from /etc/ipsec.d/cacerts/
folder and run the command "ipsec purgecerts" is still showing under the
ipsec cache.

Do i need to use any other command to remove the deleted CA cert from cache?
Is this a known limitation in strongswan?


Regards,
Pavan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150204/72bfec62/attachment.html>


More information about the Users mailing list