blob: 17866f572490e1b550c02bc0b972dac69ae1e4d7 (
plain)
1
2
3
4
5
|
By setting <b>strictcrlpolicy=yes</b> a <b>strict CRL policy</b> is enforced on
both roadwarrior <b>carol</b> and gateway <b>moon</b>. When <b>carol</b> initiates
an IPsec connection to <b>moon</b>, both VPN endpoints find a cached CRL in
their <b>/etc/ipsec.d/crls/</b> directories which allows them to immediately verify
the certificate received from their peer.
|