In reference to making Apache reload the CRL are you sending a SIGHUP to do that or
something else?
-Ron
On Thu, Aug 09, 2001 at 08:17:36AM +0200, [EMAIL PROTECTED] sent this
message:
> Hello Ron,
>
> As I Know there is no way to "learn" the new CRL file without making an
> Apache stop and start. But you should be able to make a RELOAD only. I
> used it in my Apache on Unix and it works quite well.
>
> Maybe in the future Apache-ModSSL will support OCSP and it will solve this"
> problem".
>
> Sylvain
>
>
>--------------------------------------------------------------------------------------------------------
> Sylvain Maret
> Senior Security Engineer - Strategic Director
> e-Xpert Solutions SA
> Route de Pr�-Marais 29
> 1233 Bernex / Geneva
> Switzerland
>
> Tel: +41 22 727 05 55
> Fax: +41 22 727 05 50
> Mail: [EMAIL PROTECTED]
>
>
>
>
> Ron Ridley <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 09.08.2001 03:16
> Please respond to modssl-users
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject: CRL questions
>
>
> Background:
> I have a win32 installation of apache 1.3.12 w/ mod_ssl 2.6.1 running on aN
> T4
> server. I am using W2K CA to handle client certs. This setup is specialb
> /c apache
> runs as a part of the firewall service (Raptor 6.5) to enable secure
> access to a web
> based auth page.
>
> Problem:
> Users can connect to the site fine with their certs, however, problems
> exists
> setting up a CRL. I want to update the CRL every couple of days, yet it
> requires
> a restart of apache to re-read the CRL. My problem lies in that this alsor
> equires
> a restart of the firewall.
>
> Question:
> Can someone verify my findings into the fact that apache must be restartedt
> o
> load the updated CRL? If this is the case then are there plans to allow
> updating/reloading of the CRL without reloading apache(e.g. CRL expirationp
> eriod)?
>
> Thanks in advance.
> Ron
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
>
>
>
>
>-----------------------------------------------------------------------------------------------
> DISCLAIMER
> This email and any files transmitted with it, including replies
> and forwarded copies (which may contain alterations)
> subsequently transmitted from the Company, are confidential
> and solely for the use of the intended recipient. It may contain
> material protected by attorney-client privilege. The contents
> do not represent the opinion of e-Xpert Solutions SA except
> to the extent that it relates to their official business.
>
> If you are not the intended recipient or the person responsible
> for delivering to the intended recipient, be advised that you
> have received this email in error and that any use is strictly
> prohibited. If you are not the intended recipient, please advise
> the sender by return e-mail, then delete this message and any
> attachments.
>
> e-Xpert Solutions SA: [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
