Marco Nardelli wrote:
> I tried to install 0.8.0 but i had some troubles with DBImodule;
> besides my boss wants an available CA working in a few days so
> I'have to adapt my old (but working) 0.2.0-5.
> Anyway I succeeded in making a CRR (files CRR.req and CRR.req.sig),
> integrating some new CGI scripts with the 0.2.0-5 version.
> Then I (CA) can manually move this certificate from the "validcerts" directory
> to the "revoked" directory.
Only moving is not enough. You can see which OpenSSL command is used to
revoke a certificate in OpenCA::OpenSSL's sub revoke.
> Now the problem is:
>
> how can I, from the PEM or DER certificates just revoked, get a cacrl.crl file,
> containing the revoked certificates, to be importable by Netscape ?
> I don't know how to manually build the DER format of this file, importable by
>browser.
> Are there any pieces of code, anywhere in the new version, useful for this goal ?
> I have to build this file but I don't know how.
Here you can have a look into OpenCA::OpenSSL again. The function is
issueCRL.
You can find the module in the pre-0.8 versions in
src/modules/ and the tar -xzf OpenCA...
Hope this helps
Michael
----------------------------------------------------------------------------
Michael Bell Email: [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email (work):
[EMAIL PROTECTED]
Humboldt-University of Berlin Tel.(work): +49 (0)30-2093 2482
Unter den Linden 6 Fax.(work): +49 (0)30-2093 2959
10099 Berlin
Germany [OpenCA Core
Developer]
http://openca.sourceforge.net
S/MIME Cryptographic Signature
