[Openswan Users] checking CRL
david
ngc1976.m42 at caramail.com
Tue May 10 15:34:31 CEST 2005
Hi all,
I have 2 host using openswan: hostA and hostB
the hostB certificat is revoked.
I put the CRL file in openswan/ipsec.d/crls on hostA, the VPN is initiated by hostB and the VPN is not established.
BUT when the CRL file is in openswan/ipsec.d/crls on HostB (and not on hostA) and the VPN is initiated by HostB(again) the VPN is established.
Why ?
Does a host not check if its own certificat is valid when initiating a connection ?
david
Protek-on: CaraMail met en oeuvre un nouveau Concept de Sécurité Globale - www.caramail.com
More information about the Users
mailing list