From 2a2669ee3e7ec6ba2642cacbfa28ad235e09ac32 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Tue, 27 Sep 2016 14:42:08 +0200 Subject: vici: strongswan.conf cache_crls = yes saves fetched CRLs to disk --- conf/options/charon.opt | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'conf') diff --git a/conf/options/charon.opt b/conf/options/charon.opt index 04e099e12..6e0b37c57 100644 --- a/conf/options/charon.opt +++ b/conf/options/charon.opt @@ -30,6 +30,12 @@ charon.cert_cache = yes Whether relations in validated certificate chains should be cached in memory. +charon.cache_crls = no + Whether Certicate Revocation Lists (CRLs) fetched via HTTP or LDAP should + be saved under a unique file name derived from the public key of the + Certification Authority (CA) to **/etc/ipsec.d/crls** (stroke) or + **/etc/swanctl/x509crl** (vici), respectively. + charon.cisco_unity = no Send Cisco Unity vendor ID payload (IKEv1 only). -- cgit v1.2.3