Hi Sriram, > When I tested this, I saw peers exchanging AuthorityInfoAccess as part of > certificate data extensions. But I didnt any exchanges happening between > ocsp server and peer to confirm the validity of certificates.
For OCSP support, you need both the revocation plugin and one of the fetcher plugins enabled. The curl plugin depends on libcurl and is usually the better choice, the soup plugin builds upon libsoup/glib. If you still see no OCSP requests, please provide an excerpt of your logfile. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
