[strongSwan] expired CRL

Tobias Brunner tobias at strongswan.org
Fri Jun 14 09:48:10 CEST 2019

Hi Anthony,

> If we have a CRL the revoked a "secure gateway", and later the CRL expired.
> ? will strongswan still use the expired CRL

It does.  But if you use strict revocation checking, a fresh CRL is
required to validate non-revoked certificates.


More information about the Users mailing list