Hi, To keep this in a thread.
"Just" either use swanctl or move your configs, keys and such into ipsec.d and subdirectories after strongSwan was already started. The variant using swanctl/vici is to just translate your config to use it instead. For VICI, you can just load new configs, keys and certificates into the daemon when you want to establish a new IKE_SA and CHILD_SA. I got a python script here doing that, albeit for another purpose. It's relatively simple. The best approach would be to just use the load-tester though, as Tobias suggested. It does exactly what you want. Am 04.04.19 um 17:03 schrieb Tobias Brunner: > Hi Roberts, > >> Ah, ok, you're suggesting to use a single private key and use it for the >> CSRs/Certificates? > > That's what our load-tester plugin does [1]. > > Regards, > Tobias > > [1] https://wiki.strongswan.org/projects/strongswan/wiki/LoadTests >
signature.asc
Description: OpenPGP digital signature
