How to add a client certificate to an already created and empty Certificate
Revocation List?
thanks
Sergio
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On Wed, Feb 19, 2003 at 11:57:20AM +0100, Zampognaro Sergio wrote:
> How to add a client certificate to an already created and empty Certificate
> Revocation List?
>
openssl ca -revoke filename
see man ca and man crl in the openssl docs.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On Wed, Feb 19, 2003 at 12:10:14PM +0100, Mads Toftum wrote:
> openssl ca -revoke filename
>
> see man ca and man crl in the openssl docs.
>
I forgot to add this link - http://www.apacheweek.com/features/crl
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On Wed, 19 Feb 2003, Zampognaro Sergio wrote:
> How to add a client certificate to an already created and empty Certificate
> Revocation List?
Here are the instructions if you are using openssl and your own CA:
First you have to revoke the certificate:
openssl ca -revoke certificate-file
Then you have to recreate the CRL:
openssl ca -gencrl -out crl.pem
If you need DER format:
openssl crl -in crl.pem -outform der -out crl.der
Regards
Burkhard
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org