Tobias Item 1, if a new CRL is copied to the x509crl directory, "authorities section" not configured, ? will charon automatically re-load the CRL
Item 2, if a new CRL is copied to the "assigned location", and "authorities section" "crl_uirs = fill:///xxx", ? will charon automatically re-load the CRL -----Original Message----- From: Tobias Brunner <[email protected]> Sent: Thursday, May 09, 2019 12:59 AM To: Modster, Anthony <[email protected]>; [email protected] Subject: Re: [strongSwan] charon and CRL loading ---External Email--- Hi Anthony, > ? does charon reload the CRL during ( re-authentication and > re-connection ) Not if a valid CRL is still stored in the in-memory cache (which can be cleared via `ipsec purgecrls` or `swanctl --flush-certs -t x509_crl`). > If new CRL’s arrive, ? will charon use them during ( re-authentication > and re-connection ). Arrive how? Regards, Tobias
