I've discovered that having a trailing slash in an OCSP URL can cause problems with MS-CAPI. This is a minimal patch to make the example non-broken. I haven't added any additional text to the documentation to explain this because all that was there in the first place was the example. Please let me know if this needs to be more extensively documented.
I've CC'd cr...@bis.doc.gov is requested in the readme, however this is a trivial documentation change which doesn't touch any encryption code. diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod index 06d8467..8e3d48a 100644 --- a/doc/apps/x509v3_config.pod +++ b/doc/apps/x509v3_config.pod @@ -220,7 +220,7 @@ certain values are meaningful, for example OCSP and caIssuers. Example: - authorityInfoAccess = OCSP;URI:http://ocsp.my.host/ + authorityInfoAccess = OCSP;URI:http://ocsp.my.host authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List firstname.lastname@example.org Automated List Manager majord...@openssl.org