> How can I flush these old entries without having to restart? While looking at this issue, I pushed a patch that that flushes the cache with the "ipsec purgecrl" and "ipsec purgex509" commands.
This is, however, insufficient. The certificates are actually never removed from the backend. Doing so during "ipsec reload" is not trivial, as we store the certificates independent from the configuration. I'll try to find a solution. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
