[strongSwan] dynamic user cert updates

Modster, Anthony Anthony.Modster at Teledyne.com
Wed Dec 11 00:59:55 CET 2019


Hello

We cant seem to update our user cert dynamically ( without stopping charon ).

Our procedure is

  *   Load User Cert 1 into /etc/swanctl/x509/my-cert.crt
  *   vici_do_load()->load_conn()
  *   vici_do_connect()->init_conn()
  *   VPN tunnel comes up
  *   swanctl --list-certs, User Cert serial number is 0e
  *   vici_do_disconnect()->terminate_conn()
  *   vici_do_unload()->unload_conn()
  *   copy User Cert 2 into /etc/swanctl/x509/my-cert.crt
  *   vici_do_load()->load_conn()
  *   vici_do_connect()->init_conn()
  *   swanctl --list-certs, User Cert serial number is 0e (but it should be 0e)

Thanks

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20191210/cd8983bd/attachment.html>


More information about the Users mailing list