[Openswan Users] Dynamic CRL fetching
Gregor Bethlen
saphira at bethlen.de
Thu Aug 19 13:23:44 CEST 2004
Hello,
I tried the dynamic CRL fetching, but I failed. Maybe I did something wrong (in fact, I think I did).
I putted
crlcheckinterval=600
in ipsec.conf. I changed the Makefile of pluto to use Ldap v3. I installed openldap2-devel and curl-devel (not sure if I need the later one). make programs && make install
When I try to establish a connection between a Windows-VPN-RW and the Openswan-installation, I get a connection. But doing a
ipsec auto --listcrls
lists only the crls stored in ipsec.d/crls, it seems the system does not fetch any other crls. I doesn't show the "distPts:"-entry on the --listscrls-entry.
I got 2 CDPs defined in each certificate, 1 HTTP and 1 LDAP. None works.
Is there another thing I must do to activate dynamic crl-fetching?
I'm working with openswan-2.1.4 on SuSE Linux 9.1. Along with this comes openssl 0.9.7d which has some bugs, but since everything else works fine ...
Thanks for your help,
Gregor
____________________________________________________
Aufnehmen, abschicken, nah sein - So einfach ist
WEB.DE Video-Mail: http://freemail.web.de/?mc=021200
More information about the Users
mailing list