Hi, Currently i have an issue with CA certs which is as follows. My requirement is to add/remove additional root CA cert with out restarting IPSEC.
When the CA cert is added under /etc/ipsec.d/cacerts/ folder and executing "ipsec rereadcacerts" command reflects the certificate under "ipsec listcacerts". However, when i delete the CA cert from /etc/ipsec.d/cacerts/ folder and run the command "ipsec purgecerts" is still showing under the ipsec cache. Do i need to use any other command to remove the deleted CA cert from cache? Is this a known limitation in strongswan? Regards, Pavan
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
