[Openswan Users] Question about CRL

Paul Wouters paul at xelerance.com
Tue Apr 12 15:02:23 EDT 2011

On Tue, 12 Apr 2011, Chen, Xuli (James) wrote:

> If ipsec certificate is revoked in CRL, as expected openswan tears down connection. After this, will openswan bring the connection up if the CRL is updated to not revoke the certificate again?

It should. It has no "memory" of what is revoked other then what's in the loaded CRL.


More information about the Users mailing list