I'm using:
i586-slackware-gnu-libc
apache-1.3.12
openssl-0.9.6a
In testing, certs are verified, but I found the server is.not
rejecting https requests from clients with revoked
certificates. I have tried both the configurations:
SSLCARevocationPath /www/conf/ssl.crl
or
SSLCARevocationFile /www/conf/ssl.crl/ca.crl
When i run:
openssl crl -in ca.crl -CAcert cacer.pem -text -noout
I get:
verify OK
Certificate Revocation List (CRL):
Version 1 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: /C=US/ST=xxxxxxxxxxxxxx...
Last Update: Feb 21 16:59:13 2002 GMT
Next Update: Mar 23 16:59:13 2002 GMT
Revoked Certificates:
Serial Number: 1E
Revocation Date: Feb 21 15:34:12 2002 GMT
Serial Number: 1F
Revocation Date: Feb 8 20:52:24 2002 GMT
Signature Algorithm: md5WithRSAEncryption
xx.xx.xx.xx.xx....
which looks good, but maybe reflects a problem.
What's my problem? How can I workaround in the meantime with
.htaccess?
Thanks.
Chris
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
