[Swan] Current state of CRL handling?
nlindq at maei.ca
Tue Sep 13 15:55:58 UTC 2016
Just wondering what the current state of CRL handling in LibreSWAN is?
I'm running 3.18, and files in /etc/ipsec.d/crls seem to be detected and
imported by "ipsec auto --rereadcrls", but "ipsec auto --listcrls" shows
> ipsec auto --rereadcrls
> 002 loading crl file 'crl.pem' (1223 bytes)
> ipsec auto --listcrls
> 000 List of CRLs:
Attempts to import a CRL file into the NSS database using crlutil fail
with "crlutil: unable to import CRL: SEC_ERROR_CRL_INVALID: New CRL has
an invalid format."
<nlindq at maei.ca>
More information about the Swan