[strongSwan] "ipsec purgecrls" vs VICI clear-creds

Taylor, Philip (Space & Defence) ph.taylor at cgi.com
Wed Aug 4 14:29:03 CEST 2021

I am looking at some old application code that executes the command "ipsec purgecrls" and then sends the VICI command clear-creds.

Man ipsec purgecrls reveals
                Purgecrls - purges all cached CRLS

VICI protocola web page describes clear-creds as
Clear all loaded certificates, private key and shared key credentials.
This affects only credentials loaded over vici, but additionally flushes the credential store.

If a CRL is a credential, does clear-creds duplicate the "ipsec purgcrls" command, making the separate command redundant?
Does the code need to send both commands?

Philip Taylor

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210804/492cc0d5/attachment.html>

More information about the Users mailing list