summaryrefslogtreecommitdiff
path: root/src/ipsec/_ipsec.8.in
diff options
context:
space:
mode:
Diffstat (limited to 'src/ipsec/_ipsec.8.in')
-rw-r--r--src/ipsec/_ipsec.8.in15
1 files changed, 9 insertions, 6 deletions
diff --git a/src/ipsec/_ipsec.8.in b/src/ipsec/_ipsec.8.in
index 210d74ef8..0aef8c031 100644
--- a/src/ipsec/_ipsec.8.in
+++ b/src/ipsec/_ipsec.8.in
@@ -210,15 +210,18 @@ flushes and rereads all secrets defined in \fIipsec.secrets\fP.
.
.TP
.B "rereadcacerts"
-reads all certificate files contained in the \fI/etc/ipsec.d/cacerts\fP
-directory and adds them to the list of Certification Authority (CA)
-certificates.
+removes previously loaded CA certificates, reads all certificate files
+contained in the \fI/etc/ipsec.d/cacerts\fP directory and adds them to the list
+of Certification Authority (CA) certificates. This does not affect certificates
+explicitly defined in a
+.BR ipsec.conf (5)
+ca section, which may be separately updated using the \fBupdate\fP command.
.
.TP
.B "rereadaacerts"
-reads all certificate files contained in the \fI/etc/ipsec.d/aacerts\fP
-directory and adds them to the list of Authorization Authority (AA)
-certificates.
+removes previously loaded AA certificates, reads all certificate files
+contained in the \fI/etc/ipsec.d/aacerts\fP directory and adds them to the list
+of Authorization Authority (AA) certificates.
.
.TP
.B "rereadocspcerts"
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 01:00:39 +0000