I have IPSec VPN setup with IKEv2 and RSA sign. auth. method, PKI infrastructure was on different linux host. I have imported CA cert on MikroTik and added CRL url. All works fine except CRL: revoked certificates still can connect. Its a bug or I missed something?
On Certificates->CRL WinBox window correct number of revoked certificates are shown so MiroTik dowloaded CRL correctly but not using it during cert validation.
IPSec ignoring CRL
You do not have the required permissions to view the files attached to this post.