[strongSwan] charon and CRL loading
Tobias Brunner
tobias at strongswan.org
Thu May 9 17:09:29 CEST 2019
Hi Anthony,
> Item 1, if a new CRL is copied to the x509crl directory, "authorities section" not configured, ? will charon automatically re-load the CRL
No, swanctl --load-creds has to be called explicitly.
> Item 2, if a new CRL is copied to the "assigned location", and "authorities section" "crl_uirs = fill:///xxx", ? will charon automatically re-load the CRL
Only if a previously fetched and cached version expired, or the cache
has been flushed manually.
Regards,
Tobias
More information about the Users
mailing list