masar...@aero.polimi.it wrote: > I recently hit a pretty long certificate list with what appears to be crap > past the end of its valid portion. I have no indication about how this > was generated, but it is supposed to be in production within a CA, > initially using a release of OpenLDAP without detailed CL validation in > place (remember this was released in 2.4). I'm not posting this to the > ITS because it's data I'm not allowed to disclose.
How about using this one as a test (33 MB): http://onsitecrl.certplus.com/DIRECTIONGENERALEDESIMPOTSDIRECTIONGENERALEDESIMPOTSUSAGER/LatestCRL IIRC I once tried to add this one in OpenLDAP 2.4.x but it did not work. Ciao, Michael.
