Zitat von Martijn Brinkers <[email protected]>:
Hi Andreas, On 01/-10/-28163 08:59 PM, [email protected] wrote:found this today. Looks like a little bit too much logging or is there a real issue?According to the error message, the CRL is either corrupt or the CRL was not signed by the issuer. Do you have a copy of the offending CRL?
No, despite the verbosity of the logging i failed to find out which CRL actualy caused it :-( It also looks like the offender has corrected the problem or is now included in the "timed-out" section, but it would be useful to not emitt around 100 lines of logging for data driven errors, no?
About the logging, there is always a trade-off between too much logging or too little logging. It's not always easy to distinguish between real problems on minor problems. I will review the logging statements to see whether I can make it less verbose for situations like this.
A "validation" failure for a CRL is not that uncommen i suspect by looking at the logs. Most are server errors or time-out and maybe signing errors should be treated accordingly.
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
