Hi Divya, Does this work for you .. I am having a similar requirement.
Regards, -sanjay ----------------------------------------------------- Please consider the environment before printing this email. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Andreas Steffen Sent: Thursday, June 21, 2012 7:36 AM To: divya mohan Cc: [email protected] Subject: Re: [strongSwan] Dynamic update of End Entity Certificate Hi, I haven't actually tested it, but could you give your new certificate a different file name, then edit ipsec.conf from conn xy leftcert=myCert.pem to conn xy leftcert=myNewCert.pem and then execute ipsec down xy ipsec update ipsec up xy which would keep all other connections active? Regards Andreas On 21.06.2012 12:50, divya mohan wrote: > Hi, > > Hi, > > Thanks for the clarification. > > 'ipsec reload' would be a costly operation since it would terminate > all the connections and add them back. > Is there any way to terminate and add back only one connection, out of many? > > Is it possible to achieve a reload of a single connection with 'ipsec' > tool, by sending stroke down, stroke delete, and then stroke add, for > that? > > > Regards, > Divya Mohan M > > > > > On Mon, Jun 18, 2012 at 2:59 PM, Tobias Brunner <[email protected]> wrote: >> Since the end entity certificates are configured with left|rightcert >> you have to use 'ipsec reload' to reload them. > > _______________________________________________ > Users mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/users -- ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
