Viktor, thank you a lot for the syntax: really that manual IS misleading! Well, now I can configure good (for Microsoft) CRL distribution points: crlDistributionPoints = ca_cdp [ ca_cdp ] fullname = @ca_cdp_uries reasons = keyCompromise [ ca_cdp_uries ] URI.1 = ldap:///CN=CA,CN=IssuerW2k8,CN=CDP,CN=Public%20Key%20Services,CN=Services,....etc URI.2 = http://issuerw2k8.wud.lan/CertEnroll/ROOTCA.crl
(2) *** But: *** how shall I cope with Authority Info Access? Manual says: authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html I need ldap URI with commas inside. And OpenSSL refuses my both assumptions: (a) authorityInfoAccess = some_section (b) authorityInfoAccess = caIssuers;@some_other_section If there were a way to escape comma symbol in string values where sequences expected! So please, more hints.. Alexey ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
