[strongSwan] expired CRL

Tobias Brunner tobias at strongswan.org
Fri Jun 14 09:48:10 CEST 2019

Previous message (by thread): [strongSwan] expired CRL
Next message (by thread): [strongSwan] strongswan and openconnect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Anthony,

> If we have a CRL the revoked a "secure gateway", and later the CRL expired.
> 
> ? will strongswan still use the expired CRL

It does.  But if you use strict revocation checking, a fresh CRL is
required to validate non-revoked certificates.

Regards,
Tobias

Previous message (by thread): [strongSwan] expired CRL
Next message (by thread): [strongSwan] strongswan and openconnect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list