Re: [openssl-users] Custom lastUpdate in CRL

Interestingly, it is part of standard (automated) operations here. Specifically, we use it to verify that data from the past was actually signed with certificates that were valid at that (past) point in time. It is not an ideal interface, but seems reliable in the controlled environment where

Re: [openssl-users] Custom lastUpdate in CRL

Hi Jakob, Thanks. It solved my problem for now. I agree with your suggestion. In our scenario this would be a regular thing for coming years and will not be seen as standard way for operations. -- Rishi Pathak On Fri, Sep 9, 2016 at 5:00 PM, Jakob Bohm wrote: > On

Re: [openssl-users] Custom lastUpdate in CRL

On 09/09/2016 12:11, Rishi Pathak wrote: Hi, For a reason we require lastUpdate to be set to a date in the previous year, with nextUpdate a year from now in our CRL. Search on google led me to a patch which allows use of startDate/endDate for CRL generation as well apart from