Hello Martin, could you rename the new commands to
"ipsec purgecrls" and "ipsec purgecerts" in order to keep them consistent with the existing commands "ipsec listcrls" and "ipsec listcerts" as is the case with the commands "ipsec purgeocsp" and ipsec listocsp". Thanks Andreas On 12/10/2010 09:52 AM, Martin Willi wrote: > >> How can I flush these old entries without having to restart? > > While looking at this issue, I pushed a patch that that flushes the > cache with the "ipsec purgecrl" and "ipsec purgex509" commands. > > This is, however, insufficient. The certificates are actually never > removed from the backend. Doing so during "ipsec reload" is not trivial, > as we store the certificates independent from the configuration. I'll > try to find a solution. > > Regards > Martin ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
