Hi Can you direct me to the place from where i can update the code so that we can clear the cache externally, or what is the data structure that holds the cached certificates.
Also, If not flushed on updates, then when does the stack flush these certificates automatically. Is it only after the daemon is restarted? Would really appreciate if you could guide me through this. Actually in our system it is somewhat not acceptable if we would have to close all SAs(due to daemon restart) on certificates getting updated. Best Regards Sajal On Thu, Jun 3, 2010 at 5:37 PM, Sajal Malhotra <[email protected]>wrote: > Hi Martin, > > Thanks for the clarification. If not possible to trigger the flush > externally, then when does that stack flush these certificates > automatically. > > Regards > Sajal > On Thu, Jun 3, 2010 at 1:58 PM, Martin Willi <[email protected]>wrote: > >> Hi, >> >> > This is incorrect as the Certificate of peer is signed by previous CA >> > certificate, which has been deleted in step 4 above. >> >> The certificate is probably still in the cache, and therefore accepted. >> There is currently no way to flush the cache externally, you'll have to >> restart the daemon. >> >> Regards >> Martin >> >> >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
