Thanks
Teledyne Confidential; Commercially Sensitive Business Data
-Original Message-
From: Users On Behalf Of Andreas Steffen
Sent: Sunday, September 26, 2021 12:25 AM
To: Modster, Anthony ; users@lists.strongswan.org
Subject: Re: [strongSwan] strict crl policy
---External Email
Hi Anthony,
strict CRL policy still works.
The problem with your setup is that you define
strictcrlpolicy=yes
in ipsec.conf which is loaded via starter and the stroke interface
only whereas your log shows that you load the configuration via the
vici interface:
2021 Sep 24 04:26:47+00:00
Hi,
Double check two things:
1 - Make sure the revocation plugin is loaded, use "ipsec
statusall"
2- Make sure the crl is loaded, use " ipsec listcrls"
--Jafar
On 9/24/2021 3:14 PM, Modster, Anthony wrote:
Hello
Does setting strict CRL policy to yes still work ?
The