Hello Martin, >No, we currently don't support the Authority Information Access extension in >CRLs.
Thank you for answer. 1. Which is the behavior of strongSwan when it receives a X.509 certificate with an AIA extension? The extension is ignored or there is some specific processing? 2. We are looking for a way to validate CRLs signed with different keys (possibly by different CAs) as certificates referencing these CRLs. For this scenario the local system has, by some other means, the X.509 certificate of signing CA for CRL. How these X.509 certificates should be specified to strongSwan (via which options or/and using which directories) to validate the CRL ? Regards Mugur _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
