Hi Imtiyaz,

On 14.12.20, 08:38, "Imtiyaz Mohammad" <imtiyaz@arista.com> wrote:

    Hello Fabian/Others,

    We were trying to handle the client certificate expiry using the SIGHUP mechanism that invokes tlsreloadcrls(). Just realized that the designated role for this function is to only reload
     CAs and CRLs and not client certificates. What was the intention behind this ?

I think the intention really was just to reload the CRLs, as that’s what changes frequently (and fetching new CRLs must be done externally, as mentioned in the manpage).

Best regards,
Fabian

--
SWITCH
Fabian Mauchle, Network Engineer
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
Phone +41 44 268 15 30, direct +41 44 268 15 39



_______________________________________________
radsecproxy mailing list -- radsecproxy@lists.nordu.net
To unsubscribe send an email to radsecproxy-leave@lists.nordu.net