[strongSwan] OCSP and CDP

Tobias Brunner tobias at strongswan.org
Thu Dec 19 17:52:42 CET 2019


Hi Anthony,

> ? can strongswan be a OCSP or CDP server

Theoretically yes, but you'd have to program a plugin that does that
yourself.

It would theoretically also be possible to transmit CRLs (RFC 7296) and
OCSP (RFC 4806) via IKEv2 certificate payloads, but strongSwan currently
doesn't support this.

Regards,
Tobias


More information about the Users mailing list