Hi Micha,
0. it depends on the version1. openca_0_9_2 1.1. normal way CRR --> REVOKED_CERTIFICATEIf the system sets the cert to revoked then we execute an OpenSSL command which changes the state in index.txt. A CRR is required for this action.1.2. agressive modeSet cert to revoked and rebuild the index.txt (via recovery functionality). After this you can create a fresh CRL.
So this means the index file for crl creation is creted on transition between the states ? If the index-update is availabel through the API I can call this from the new created batch command, so this wont be an issue - is the CRR used for anything else or there any arguemnts against calling the API and setting the database-status of the certs directly ??
Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
