[strongSwan] charon and CRL loading

Tobias Brunner tobias at strongswan.org
Thu May 9 17:32:06 CEST 2019

Previous message (by thread): [strongSwan] charon and CRL loading
Next message (by thread): [strongSwan] charon and CRL loading
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Anthony,

> ? for the CRL cases below, does the host need to "drop the connection" for the CRL updates

The new CRL will currently only have an effect on new connections.  So
if the certificate of a peer who currently is connected is revoked, this
will not have an effect until that peer re-authenticates (i.e. until it
creates a new IKE_SA).

Regards,
Tobias

Previous message (by thread): [strongSwan] charon and CRL loading
Next message (by thread): [strongSwan] charon and CRL loading
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list