Hi Emeric, > I have another question: this local crl file may be updated using an > external script. However, the crl file once fetched seems to get > cached inside the credential manager.
There are two caches, one is in-memory the other stores fetched CRLs in ipsec.d/crls. The latter, in particular, is mostly useful for http:// or ldap:// URIs but it is not enabled by default (`cachecrls` option in ipsec.conf). The in-memory cache, however, can't be disabled via configuration but you may run `ipsec purgecrls` after you updated the CRL to remove all CRLs from that cache. Regards, Tobias _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
