[strongSwan] revoke certification with out "ipsec restart"
tobias at strongswan.org
Thu Sep 7 10:58:16 CEST 2017
> I don't want to use "ipsec restart" because other IPsec sessions are
> How can I make enabled the revocation without disconnecting other's
> IPsec session ?
You used the same crlNumber for your second CRL. So it didn't replace
the CRL that you loaded before (this is logged as " crl #01 is not
newer - existing crl #01 retained", so if you read that you'd have known).
More information about the Users