Hi there! I have self signed CA to sign WWW-client user-sertificates. Everything is fine until I want to revoke some client-cert. It seems that Apache-SSL (1.2.5 with 0.8.1 SSLeay=Ben-SSL/1.13) has no CRL-parameter and does neither not look into any revokation list or index.txt? Can anyone give me some guidelines how to teach Acpache-SSL to look into some Revokation List and not to accept my CA-revoked certificates? I understand that I must include some check into apache_ssl.c's ApacheSSLVerifyCallback() but what exactly? I looked into SSL/crypto/x509 - but everything seems too messy and mixed-up so and I didn't exactly realize how to use the CRL-thing for me? Thanks, M�rt Laak. +-------------------------------------------------------------------------+ | Administrative requests should be sent to [EMAIL PROTECTED] | | List service provided by Open Software Associates, http://www.osa.com/ | +-------------------------------------------------------------------------+
