Re: Importing a New CRL in Communicator

Mon, 11 Jun 2001 09:18:40 -0700 

OK thanks. I just found out that there is a known bug about Communicator not
being able to handle CRLs whose size are greater than 37 KB. Can someone
confirm this? Is the limit still 37KB? Is this bug tracked in Mozilla?

I have a NSS-enabled application that aims to import CRLs (very much like NSS'
crlutil tool does) but I'm experiencing some very nasty cert7.db corruption
when importing some CRLs. And can't figure out why certain CRLs are
problematic (CRLs can be opened with no problem using Windows or can
successfully do a DER dump using NSS' derdump tool). It looks more like the
problem is with the CERT_ImportCRL function and/or the cert7.db file.  I said
the problem is nasty because CERT_ImportCRL returns an OK status when
importing a CRL that cause the DB corruption.

Help anybody?


Steve Parkinson wrote:

> The exposed HTTP interfaces for CMS are documented here:
>
> http://docs.iplanet.com/docs/manuals/cms/42sp2/custom_guide/contents.htm
>
> See chapter 3.
>
> To resolve your problem, you might also have to specifiy
>    ?op=getCRL
>
> Steve
>
> Patrick wrote:
>
> > Hello,
> >
> > I'd like to import a CRL into my Communicator browser. So under
> > Security, Signers, I click View/Edit CRLs. There I select New and enter
> > a URL for fetching the CRL from CMS.  Something like:
> > https://idca.cms.xyz.com:443/getCRL
> >
> > (BTW, this is the URL you get when you import the CRL directly from the
> > CMS Web page and is used for Reloading the CRL. That part works.)
> >
> > However  the CMS server returns with:
> >
> > Problem Processing Your Request
> >
> > The Certificate Manager encountered a problem while processing your
> > request. The following is a detailed message of the error that
> > occurred.
> >
> >      You must select an option from the form.
> >
> > Please consult your local administrator for further assistance. The
> > Certificate Management System logs may provide further
> > information.
> >
> > What is missing in the above URL in order to get my Communicator browser
> > to import the CRL?
> >
> > -- Patrick
>
> --
> Steve Parkinson
> Engineering Manager, Certificate Management System
> Netscape Communications Corp

Reply via email to