Hi, I haven't actually tested it, but could you give your new certificate a different file name, then edit ipsec.conf
from
conn xy
leftcert=myCert.pem
to
conn xy
leftcert=myNewCert.pem
and then execute
ipsec down xy
ipsec update
ipsec up xy
which would keep all other connections active?
Regards
Andreas
On 21.06.2012 12:50, divya mohan wrote:
> Hi,
>
> Hi,
>
> Thanks for the clarification.
>
> 'ipsec reload' would be a costly operation since it would terminate
> all the connections and add them back.
> Is there any way to terminate and add back only one connection, out of many?
>
> Is it possible to achieve a reload of a single connection with 'ipsec'
> tool, by sending stroke down, stroke delete, and then stroke add, for
> that?
>
>
> Regards,
> Divya Mohan M
>
>
>
>
> On Mon, Jun 18, 2012 at 2:59 PM, Tobias Brunner <[email protected]> wrote:
>> Since the end entity certificates are configured with left|rightcert you
>> have to use 'ipsec reload' to reload them.
>
> _______________________________________________
> Users mailing list
> [email protected]
> https://lists.strongswan.org/mailman/listinfo/users
--
======================================================================
Andreas Steffen [email protected]
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
