Hi, does anyone know how Outlook Express checks CRLs?
I included crlDistributionPoints = URI:http://mySite/myCrl.crl into openssl.cnf In OE I set Extras | Optionen | Sicherheit | Erweitert ... | Zertifikate pr�fen | Auf widerrufene digitale IDs pr�fen: Nur wenn online which should translate to English Tools | Options | Security | Advanced ... | Check Certificates | Check for revoked certificates: Only when online. However when I checked an email, signed with the certificate generated with the openssl.cnf mentioned above, no matter whether the cert was valid, expired or revoked, I always got: "Status der �berpr�fung: Die digitale ID wurde nicht zur�ckgezogen oder es konnten keine Informationen diesbez�glich f�r dieses Zertifikat bestimmt werden." (Translation: "Status of check: The digital ID was not revoked or no information could be found regarding this certificate.") OE seems to acknowledge the CRL distribution point, because when I use a certificate without this property, I get: "Die digitale ID kann nicht �berpr�ft werden, weil die Liste der zur�ckgezogenen IDs unerh�ltlich ist" (Translation: "The digital ID cannot be checked, because the list of revoked IDs is not available." Christian P.S.: If someone has the correct English translation of the messages, this would be helpful too, because I could Google more precisely for this topic. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
