Hi List,
I think we solved it...
It seems that Outlook really loops when it tries to fetch the CRL which is on the SSL Server.
The problem can be reproduced:
Browser IE6 Website via https Certificate contains CRL Ditribution Point CDP is protected by this Certificate
It ssems that IE checks for the SSL-Cert, then for the CRL, then vor the SSL-Cert which protects the CRL -> loop
Solution: the Webservers Cert must not contain a SSL-protected URI from the same CA.
In my special case: The Mailcerts keep their SSL CDP, the CRL is loaded via SSL and the SSL-Cert is verified through a non-SSL CDP - so I can keep my old certificates. (I just re-issued the Webservers Cert with the new CDP)
I added the following item to the FAQ in the CVS:
I use a client certificate and the (Microsoft) client hangs after it tries to start a secured connection
Best regards
Michael
P.S. I created a new snapshot to publish the updated documentation. -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing & more. Download & eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
