On Wed, Dec 08, 1999, Christian Buysschaert wrote:
> I've been experimenting a bit with the SSLCARevocationFile
> directive. It does seem to work but when you update the
> referenced file (with a new CRL) it is only 'reread'
> when you restart Apache. Is this correct?
Yes.
> Is there any
> way around it? Perhaps using SSLCARevocationPath is
> more flexible in using each time the new file?
Hmmm... yes, AFAIK OpenSSL doesn't cache the contents of files under
SSLCARevocationPath, so this should work as a workaround. But, BTW, is it
really a problem to do a graceful restart if a CRL changed?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]