Hi, On Mon, Jul 01, 2013 at 05:39:26PM -0700, Jan Just Keijser wrote: > and in that directory you'll need to create hashed versions of the > certificate and CRL's used; the .crt files should be renamed to <hash>.0 > and the .crl files to <has>.r0 > where <hash> is the output of > openssl x509 -hash -noout -in ca.crt
Out of curiousity, as I've seen this mentioned a few times but never read a reason for the hash-thing - how does openvpn (or apache, etc.) know the hash for the CRL file to look for, when it hasn't seen the CRL yet? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgp1BY3QpPfcD.pgp
Description: PGP signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users