[Openswan Users] VPN and CRL

Jacco de Leeuw jacco2 at dds.nl
Fri Apr 22 15:51:28 CEST 2005


> I would like to know how to configure the VPN to check if the certificat 
> is in the Revocation List .

"If the serial number of the certificate is found in the CRL then the
public key contained in the certificate is declared invalid and the
IPSec SA will not be established".

In other words, it will work automatically thanks to the X.509 work
by Strongsec.

http://www.strongsec.net/freeswan/install.htm#section_5.2
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list