François NOEL wrote:
Dominique Lohez wrote:
François NOEL wrote:
Hi I have some problems with revokating certs.
when I type :
openssl ca -config ./openssl.cnf -revoke
./newcerts/NOEL_Francois.pem -verbose That update me
"index.txt" but i don't anything in my crl/ca.crl file
[EMAIL PROTECTED]:/home/fanfan/public_html/certif_env/essai_env#
openssl crl -in crl/ca.crl -noout -text
Certificate Revocation List (CRL):
Version 1 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer:
/C=FR/ST=Calvados/O=Ingelis/OU=Stage/L=CAEN/CN=NOEL_Francois/[EMAIL PROTECTED]
Last Update: Mar 22 13:02:01 2005 GMT
Next Update: Apr 21 13:02:01 2005 GMT
*No Revoked Certificates.*
Signature Algorithm: md5WithRSAEncryption
XX:XX:XX.......
The crl is not automatically generated each time you revocate a
certificate
You must create
by a command such that
openssl ca -gencrl .... a complete description of the options is
described here http://www.openssl.org/docs/apps/ca.html#CRL_OPTIONS
I made that :
openssl ca -config openssl.cnf -out crl/ca.crl -gencrl
before revokating any certs, and It doesn't work any more
regards
Dominique
you must build the crl when at least one certificate has been revoked
Dominique
--
Dr Dominique LOHEZ
ISEN
41, Bd Vauban
F59046 LILLE
France
Phone : +33 (0)3 20 30 40 71
Email: [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
