Re: [strongSwan] dynamic user cert updates

Modster, Anthony Wed, 11 Dec 2019 14:22:25 -0800

? any thoughts on this item

From: Modster, Anthony
Sent: Tuesday, December 10, 2019 4:00 PM
To: [email protected]
Subject: dynamic user cert updates


Hello

We cant seem to update our user cert dynamically ( without stopping charon ).

Our procedure is

  *   Load User Cert 1 into /etc/swanctl/x509/my-cert.crt
  *   vici_do_load()->load_conn()
  *   vici_do_connect()->init_conn()
  *   VPN tunnel comes up
  *   swanctl --list-certs, User Cert serial number is 0e
  *   vici_do_disconnect()->terminate_conn()
  *   vici_do_unload()->unload_conn()
  *   copy User Cert 2 into /etc/swanctl/x509/my-cert.crt
  *   vici_do_load()->load_conn()
  *   vici_do_connect()->init_conn()
  *   swanctl --list-certs, User Cert serial number is 0e (but it should be 0e)

Thanks

Re: [strongSwan] dynamic user cert updates

Reply via email to