<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On Ubuntu:<br>
service ipsec
{start|stop|restart|reload|force-reload|condrestart|try-restart|status|version}<br>
<br>
<br>
<br>
</div>
<blockquote
cite="mid:CAFr5Kh4YNe+mjfT7DKXSKUXdqGLoDjVMX=L-ENNGfeY+4LRBYg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>Thank you for rescuing this email from spam.<br>
<br>
</div>
<div>Does anyone have any idea to reload ipsec config without
affecting the existing tunnels?<br>
</div>
<div>
<div>
<div class="gmail_extra"><br clear="all">
<div><br>
Best regards,<br>
Steve<br>
<br>
</div>
<br>
<br>
<div class="gmail_quote">2013/7/5 Steve Leung <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:kesteve@kesteve.com" target="_blank">kesteve@kesteve.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb">
<div class="h5">
<div dir="ltr">
<div dir="ltr">
<div class="gmail_quote">
<div dir="ltr">
<div>
<div>Hi guys,<br>
<br>
</div>
I have OpenSWAN running when system
boot, with several connections defined,
one of them is using X.509 certificate.<br>
<br>
My system clock will be reset every time
when I restart the system, (i.e. reset
to Jan 01 2010), and the time will be
corrected by NTP within a few minutes
after boot. The problem is, when pluto
start and try to load the certs, it will
complain: "X.509 certificate is not
valid until Aug 16 09:22:00 UTC 2012 (it
is now=Jan 01 00:02:10 UTC 2010)". I'll
need to run "ipsec setup restart" after
NTP corrected the time, but this will
disconnect all the existing connections.
<br>
<br>
</div>
Is there any commands to reload the certs?
There is `ipsec auto --rereadall` but it
only reload the cacerts/crls/etc but not
for /etc/ipsec.d/certs (i.e. leftcert and
rightcert defined in /etc/ipsec.conf). <br>
<br>
Is it possible to reload the configuration
file without interrupting established
connections?<br clear="all">
<div>
<div>
<div>
<div>
<div>
<div><br>
</div>
<div>Thank you :)<br>
</div>
<div><br>
Best regards,<br>
Steve<br>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
<br>
</body>
</html>