On 22.04.2015 10:36, Jan Kaluža wrote:
On 04/22/2015 09:50 AM, Kaspar Brand wrote:
Fiddling with OpenSSL internals
looks rather scary to me, at least at first sight - perhaps there's an
API for clearing a CRL store in OpenSSL?
Unfortunately there's no such API in OpenSSL. There's caching
On 21.04.2015 12:20, Jan Kaluža wrote:
we used to have a patch against httpd-2.2.15 to add SSLDisableCRLCaching
option to not cache CRLs. I was trying to adapt this patch for
httpd-trunk and eventually include it upstream but now I'm in dead end.
The patch removes all the CRLs from the
On 04/22/2015 09:50 AM, Kaspar Brand wrote:
On 21.04.2015 12:20, Jan Kaluža wrote:
we used to have a patch against httpd-2.2.15 to add SSLDisableCRLCaching
option to not cache CRLs. I was trying to adapt this patch for
httpd-trunk and eventually include it upstream but now I'm in dead end.
The
Hi,
we used to have a patch against httpd-2.2.15 to add SSLDisableCRLCaching
option to not cache CRLs. I was trying to adapt this patch for
httpd-trunk and eventually include it upstream but now I'm in dead end.
The patch removes all the CRLs from the per-server_rec OpenSSL cache
created in