Noel, Thanks for responding. Your response does not answer my question, so I modify my question. Everything is loaded via VICI , nothing is loaded with ipsec commands or with configuration files.
Does the application need both commands when all certificates and CRLs are installed via VICI? PhilT Public -----Original Message----- From: Noel Kuntze <[email protected]> Sent: 04 August 2021 15:50 To: Taylor, Philip (Space & Defence) <[email protected]>; [email protected] Subject: Re: [strongSwan] "ipsec purgecrls" vs VICI clear-creds Hi Philip, CRLs are Certificate Revocation Lists. They're not secrets. Kind regards Noel Am 04.08.21 um 14:29 schrieb Taylor, Philip (Space & Defence): > I am looking at some old application code that executes the command "ipsec > purgecrls" and then sends the VICI command clear-creds. > > Man ipsec purgecrls reveals > > Purgecrls - purges all cached CRLS > > VICI protocola web page describes clear-creds as > > Clear all loaded certificates, private key and shared key credentials. > > This affects only credentials loaded over vici, but additionally flushes the > credential store. > > If a CRL is a credential, does clear-creds duplicate the "ipsec purgcrls" > command, making the separate command redundant? > > Does the code need to send both commands? > > *Philip Taylor* > > > Public >
