[Openswan Users] Dynamic CRL fetching
saphira at bethlen.de
Thu Aug 19 18:32:22 CEST 2004
Paul Wouters schrieb am 19.08.04 17:13:18:
> On Thu, 19 Aug 2004, Gregor Bethlen wrote:
> > I tried the dynamic CRL fetching, but I failed. Maybe I did something wrong (in fact, I think I did).
> > I putted
> > crlcheckinterval=600
> > in ipsec.conf. I changed the Makefile of pluto to use Ldap v3. I installed openldap2-devel and curl-devel (not sure if I need the later one). make programs && make install
> Did you change Makefile.inc?
Dumdidumdidum, nope, I didn't have that ... OK, that explains a lot ... Maybe it's a VERY good idea to put this in the documentation (maybe README.x509).
> I see USE_LIBCURL is missing from Makefile.inc. I've just added this in CVS.
> > Is there another thing I must do to activate dynamic crl-fetching?
> You also need to have proper certificates. This normally means putting
> something in the /usr/share/ssl/openssl.cnf like:
> before generating any certificates.
Jepp, have this.
> Let me know if this still doesn't trigger the fetching for you.
OK, I'll try it tomorrow.
One last question: I think I need some ldap-credentials to connect to the ldap-server. May I ask where to set this?
Thank you for your answer,
WEB.DE Video-Mail - Sagen Sie mehr mit bewegten Bildern
Informationen unter: http://freemail.web.de/?mc=021199
More information about the Users