By setting <b>cache_crls = yes</b> in <b>/etc/strongswan.conf</b>, a copy of
both the <b>base CRL</b> and the latest <b>delta CRL</b> fetched via http from
the web server <b>winnetou</b> is saved locally in the directory
<b>/etc/swanctl/x509crl</b> on both the roadwarrior <b>carol</b> and the
gateway <b>moon</b> when the IPsec connection is set up.
The <b>subjectKeyIdentifier</b> of the issuing CA plus the suffixes
<b>.crl</b> and <b>_delta.crl</b> are used as unique filename for the
cached <b>base CRL</b> and <b>delta CRL</b>, respectively.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / swanctl / crl-to-cache