Hi With mod_ssl, when I ask it to check client certificates, does it do a look up of the CRL associated with the certificate, ie does it check the CRL attribute and then use that to grab a CRL and then use that to verify the list of CRL's or do I have to use a cron job to grab the crl and place it in the file pointed to by SSLCARevocationFile.
If it's the cron job, I have an issue where the crl is rebuilt once a day, it's not ready before hand, so there is going to be a few seconds delay in me getting the certificate and processing if from der to pem and placing it in the right place and then I have to do a httpd reload to get https to re-read it. So my only way forward really is to place a blank file there a few seconds before hand, reload httpd, grab and process the file and then reload httpd again. Y/N ? Alex --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
