Hello there,
Thanks a lot for your help and input. Actually i found a solution to the problem. Entrust allows partitioned CRLs by default (CRLs are splited for scalability purposes) but you can enable the combined CRL which will not be splitted (for compatibilty, as the partioned CRL is only an option in the standard). So this one works well with openssl/mod_ssl. Those 2 CRLs (combined and partitioned) will work both at the same time without problems. If you want more info on that, don't hesitate to ask me. Cheers, Alec ________________________________________________________________________________________ >From "Schaefer,Lorrayne J." <[EMAIL PROTECTED]> on 12 December 2001 9:07:02 To : [EMAIL PROTECTED] Copy To : [EMAIL PROTECTED] Subject : Re: Multiple CRLs with same CA Hi everyone. I was chatting with an Entrust engineer yesterday about partitioned CRLs (this is where you can break it down my something such as size). The only CA that currently do this to my knowledge is Entrust. I agree with Rich Salz's response. OCSP is a great way to go (and, Valicert offers an Apache plug-in). :-) Lorrayne ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -------------------------------------------------------------------------------------------- Alec Barea PKI engineering team Equant Tel: +1 514 847-3436 CVS: 225 3436 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]