Tobias, Anything in particular I should be looking for in the logs? I definitely see the CRL getting loaded from disk when I start the service. I also see in the logs the remote CRL fetch failing. Nothing is mentioned in the logs about the local CRL.
Thanks On Fri, Apr 21, 2017 at 12:20 AM, Tobias Brunner <tob...@strongswan.org> wrote: > Hi Zach, > >> Alternatively, is there a way to just ignore embedded CRL distribution >> points, and always use the local CRL? > > If the revocation plugin finds a cached CRL (either previously fetched > or loaded manually) that's still valid it will use that and not fetch > any remote CRLs. Check the log for details on what's going on. > > Regards, > Tobias > -- :wq! _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users