multiple CDP's must be definde in openssl.conf on the ca - right? Please can you post us an example? Thanks!
Gottfried
Michael Bell schrieb:
Hi,
there were at minimum two other guys which reported this problem. The reason is really simple. The Microsoft client tries to verify the state of the webserver certificate before downloading the CRL but the client needs the CRL to verify the webserver certificate (typical hen and egg problem).
The result is that we will use in OpenCA 0.9.2 http as default protocol for CRL publishing. Our (university's) solution is to use http and ldap for CRL publishing. We have four CDPs - two machines with http and ldap and all four CDPs are in the certificate.
Perhaps it is possible to publish the CRL manually to Microsoft but I don't know how.
Greetings Michael
--
_______________________________________________________ \ / [EMAIL PROTECTED] \ / Consultant Open Systems <> Mobil 0172-6710891 \/ /\ Xtelligent IT Consulting GmbH / \ Am Kalkofen 8 <> D-61206 Woellstadt / \ Tel./Fax. 0-700-98355443 <> http://www.xtelligent.de
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
