diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-09-27 14:42:08 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-10-11 17:18:22 +0200 |
commit | 2a2669ee3e7ec6ba2642cacbfa28ad235e09ac32 (patch) | |
tree | 127fd795537640f59a3f0ea4712e0046c594e723 /conf | |
parent | 9ba6548766e69d273884375b5acb2df0b37b3a2c (diff) | |
download | strongswan-2a2669ee3e7ec6ba2642cacbfa28ad235e09ac32.tar.bz2 strongswan-2a2669ee3e7ec6ba2642cacbfa28ad235e09ac32.tar.xz |
vici: strongswan.conf cache_crls = yes saves fetched CRLs to disk
Diffstat (limited to 'conf')
-rw-r--r-- | conf/options/charon.opt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/conf/options/charon.opt b/conf/options/charon.opt index 04e099e12..6e0b37c57 100644 --- a/conf/options/charon.opt +++ b/conf/options/charon.opt @@ -30,6 +30,12 @@ charon.cert_cache = yes Whether relations in validated certificate chains should be cached in memory. +charon.cache_crls = no + Whether Certicate Revocation Lists (CRLs) fetched via HTTP or LDAP should + be saved under a unique file name derived from the public key of the + Certification Authority (CA) to **/etc/ipsec.d/crls** (stroke) or + **/etc/swanctl/x509crl** (vici), respectively. + charon.cisco_unity = no Send Cisco Unity vendor ID payload (IKEv1 only). |