Hi: I'm using a certificate revocation list and so far can only use one if my CRL file contains exactly one revoked certificate. Looking at ssluse.c:1526 I can see that X509_load_crl_file is expected to return 1, and if not it is considered an error. Looking at the openssl source it looks like this function returns the number of certificates loaded from the CRL file - which can change depending on it's contents.
Is this a bug, or am I missing something? (very likely). Oddly enough I looked at the Network Security with OpenSSL book (http://oreilly.com/catalog/9780596002701/) and it also compares with one. -Chris
