I just wondered if there is any special reason why you define the CRL distribution point to be on a https server?
Or do you know a hint to avoid this problem without changing the location of the CRL distribution point?
No, I don't know a hint. We use Microsoft's Smartcardlogin with a https CDP and have no problems but by default we use http because F-Secure VPN+ for example only supports http and ldap.
https is not really a must because CRLs secure themselves via signatures. I added an new switch (crl_httpd_protocol) in config.xml for OpenCA 0.9.2). I will not change 0.9.1 because it is frozen and this change is not a bugfix.
Thanks for the comment
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
