strongSwan KVM Tests / ikev2 / crl-from-cache

Test ikev2/crl-from-cache

Description

By setting revocation = strict, a strict CRL policy is enforced on both the roadwarrior carol and the gateway moon. When carol initiates an IPsec connection to moon, both VPN endpoints find a cached CRL in their /etc/swanctl/x509crl/ directories, which allows them to immediately verify the certificate received from their peer.
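
A swanctl.conf sketch of the roadwarrior side of the setting described above, added here as an illustration and not taken from the test's own configuration files. The connection name, addresses, file name and identities are constructed placeholders; the gateway would carry the same revocation line in its own remote section.

```conf
# Added example, not the test's own configuration.
# Connection name, addresses, file name and identities are constructed placeholders.
connections {
    home {
        remote_addrs = 192.0.2.1            # placeholder gateway address
        local {
            auth = pubkey
            certs = carolCert.pem           # placeholder certificate file name
            id = carol@example.org          # placeholder identity
        }
        remote {
            auth = pubkey
            id = moon.example.org           # placeholder identity
            # strict : authentication fails unless revocation information
            #          (CRL or OCSP) shows the peer certificate is not revoked
            # ifuri  : fails only if the certificate carries a CRL/OCSP URI
            #          and the revocation check against it fails
            # relaxed: default, fails only if the certificate is known revoked
            revocation = strict
        }
        children {
            home {
                remote_ts = 198.51.100.0/24 # placeholder protected subnet
            }
        }
    }
}
```

With strict on both peers, a CRL that is missing from /etc/swanctl/x509crl/ or has expired, combined with an unreachable distribution point, makes authentication fail instead of accepting the certificate unchecked.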
