[Openswan Users] Certified Validity

Andy fs at globalnetit.com
Tue Aug 23 15:50:24 CEST 2005


On Tue, 2005-08-23 at 20:40 +0200, Andreas Steffen wrote:
> Of course the computer
> clocks must be synchronized by NTP.

Indeed. That's a problem - VPN servers probably are almost always using
NTP, but typically their clients are not - often these are dialup or
otherwise intermittently connected systems.
I always create certificates with a start date at least 1 day ago to
compensate for that.




More information about the Users mailing list