1 By setting <b>strictcrlpolicy=yes</b> a <b>strict CRL policy</b> is enforced on
2 both roadwarrior <b>carol</b> and gateway <b>moon</b>. Thus when <b>carol</b> initiates
3 the connection and no current CRL is available, the Main Mode negotiation fails
4 but a http fetch to get the CRL from the web server <b>winnetou</b> is triggered.
5 When the second Main Mode trial comes around, the fetched CRL will be available
6 and the IKE negotiation completes.
projects / people / ms / strongswan.git / blob