[Openswan Users] crlDistributionPoints
Paul Wouters
paul at xelerance.com
Mon Jun 6 18:13:56 CEST 2005
On Mon, 6 Jun 2005, david p wrote:
> 1) So when I establish a VPN from a userA to userB only the userB
> connect itself to my Apache server to download a CRL to check the
> userA certificate. However the 2 certificates (userA and userB) have
> the distribution point set :
>
>
> X509v3 extensions:
> X509v3 CRL Distribution Points:
> URI:http://195.212.109.205/ca.crl
>
>
> Why only one of the two try to connect thge Apache server ? why the userB ?
It might be a timing issue. Did you set strictcrlpolicy=yes ?
Paul
More information about the Users
mailing list