[strongSwan] ipsec update and SIGHUP

Tom Rymes trymes at rymes.com
Wed Mar 18 15:56:32 CET 2015


On 03/18/2015 9:37 AM, Tobias Brunner wrote:
>> But still "ipsec update" does reread contents of ipsec.conf, am I right?
>
> Yes, this will cause starter to reread ipsec.conf.
>
>> And does sending HUP to charon forces it to reread ipsec.conf or just
>> the strongswan.conf?
>
> The charon daemon only reads strongswan.conf, and ipsec.conf is only
> read by starter.  So if you changed both files you might want to send
> SIGHUP to both charon and starter (the latter can be done via `ipsec
> update`).

I would add that the update command does not force charon to reread PSKs 
or certificates, if memory serves, so you may need to use rereadall or 
one of the other reread commands if you need that done, too.

Tom



More information about the Users mailing list