[Swan] Is libreswan's OCSP periodically doing checks ?
Paul Wouters
paul at nohats.ca
Fri Jun 3 02:26:05 UTC 2016
On Wed, 25 May 2016, jonetsu wrote:
> Is libreswan's OCSP periodically doing checks to see of the certificate in use is still valid ? If so, at which frequency ?
Yes, but this was very recently fixed. So you might want to try 3.18rc2.
It used to not re-check when the OCSP was still valid I believe. In the
latest code, I think it uses the refresh time specified in the OCSP
request.
Tuomo should know the gory details,
Paul
More information about the Swan
mailing list