[OpenXPKI-users] ldap connector - publishing CRL, un-publish user certificate

Montajab Saleh Tue, 31 Aug 2021 13:39:19 -0700

Hi,

I try on to publish all users certificates and CRLs to LDAP directory,
when issuing a user certificate it get published as supposed to,
Also, first CRL also get published, but when issuing another CRL it get
Failed with error "ERROR Already exists"
any advice on how to update the CRL if it already exist
my current config for CRL publishing
-------
ldap-crl:
    class: Connector::Proxy::Net::LDAP::Single
    LOCATION: ldap://<ldap.myorg.local>
    base: dc=myorg,dc=local
    filter: (objectCategory=cRLDistributionPoint)
    binddn: cn=admin,dc=myorg,dc=local
    password: mysecret
    attrmap:
        der: certificateRevocationList;binary


    create:
        basedn: dc=myorg,dc=local
        rdnkey: cn

    schema:
        cn:
            objectclass: cRLDistributionPoint
            values:
                cn: copy:self
-------
another question,
is there a way to unpublish a certificate from ldap directory, when it gets
revoked for example

Thanks

-- 
*Regards*
*Montajab Saleh*

_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users

[OpenXPKI-users] ldap connector - publishing CRL, un-publish user certificate

Reply via email to