Ok, in this case I misunderstood the documentation. It only states that CRLs for CA and Sub-CAs are not implemented.
Thank's for your answer. Kind regards, Manuel Faux -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Martijn Brinkers Sent: Wednesday, April 20, 2011 8:27 PM To: [email protected] Subject: Re: [Djigzo users] How to use external PKI On 04/20/2011 07:57 PM, Manuel Faux wrote: > Hello, > > I have an existing PKI outside of Djigzo. So I've created a Sub-CA and > imported this CA incl. SKs into Djigzo. As far I understood the > documentation, Djigzo does not support CRL-Generation, but the Documentation > recommends using a full-blown CA like EJBCA instead. > Has anyone ever used Djigzo in such a scenario? What is the recommended way > to issue and to revoke certificates? I came up with the idea about writing an > additional RequestHandler, which uses the EJBCA-API to issue the > certificates, but is this necessary? Djigzo can generate CRLs, click CA en then click on "Create CRL". Only if you need a more advanced CA, like multiple CAs, use different key usage, use your own extensions etc. it's better to use an external CA. Kind regards, Martijn -- Djigzo open source email encryption _______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
