[strongSwan] OCSP nonce parameter

Tobias Brunner tobias at strongswan.org
Mon Nov 25 13:35:59 CET 2019

Hi Anthony,

> Our security department is insisting that strongswan validate the nonce parameter when received.
> Is there a way strongswan can accommodate this request.

I pushed some changes to that effect to the ocsp-nonce branch [1].

> If not we need a way to disable OCSP.

You can do so via charon.plugins.revocation.enable_ocsp.



More information about the Users mailing list