Hi, I
think the first thing to do is read the RFC from IETF to understand what is a
CRL.
The
RFC is 2459 page 42.
Olivier Michiels
-----Original Message-----
From: Sarath Chandra M [mailto:[EMAIL PROTECTED]]
Sent: mardi 25 septembre 2001 10:05
To: [EMAIL PROTECTED]
Subject: CRL how toHi,This is what I have done so far. I have generated a CA certificate.Then created an empty CRL using the command :openssl ca -gencrl -out crl.pem -config /usr/share/ssl/openssl.cnfAfter this, I started creating Client certificates.Now my requirement is to know what exactly a CRL is and how to maintain it ?Will the expired client certificates automatically get into CRL ?Can the CRL be on a stand alone machine ?Will the webserver (iPlanet) check for the validity of the Client certificate like expiry, etc. ?Kindly let me know if further information as to what I commands I used, is needed or if I havenot explained my problem properly.thanx n regardsSarath Chandra M-----Original Message-----
From: Olivier Michiels [mailto:[EMAIL PROTECTED]]
Sent: 25 September 2001 11:42
To: '[EMAIL PROTECTED]'
Subject: RE: CRL how toCould you be more specific.What do you need exactly ?Olivier Michiels-----Original Message-----
From: Sarath Chandra M [mailto:[EMAIL PROTECTED]]
Sent: mardi 25 septembre 2001 9:42
To: [EMAIL PROTECTED]
Subject: CRL how toHi,I have installed openssl and have started generating client certificates. I would like toknow, how I can create and maintain CRLs.I would appreciate if anybody provides any help or resource pointers for this.thanx in advanceSarath Chandra M
