[strongSwan] charon and CRL loading
Modster, Anthony
Anthony.Modster at Teledyne.com
Thu May 9 17:54:43 CEST 2019
Thanks
-----Original Message-----
From: Tobias Brunner <tobias at strongswan.org>
Sent: Thursday, May 09, 2019 8:32 AM
To: Modster, Anthony <Anthony.Modster at Teledyne.com>; users at lists.strongswan.org
Cc: Amare, Mesfin <Mesfin.Amare at Teledyne.com>
Subject: Re: [strongSwan] charon and CRL loading
---External Email---
Hi Anthony,
> ? for the CRL cases below, does the host need to "drop the connection"
> for the CRL updates
The new CRL will currently only have an effect on new connections. So if the certificate of a peer who currently is connected is revoked, this will not have an effect until that peer re-authenticates (i.e. until it creates a new IKE_SA).
Regards,
Tobias
More information about the Users
mailing list