[Openca-Users] Offtopic: IE6 - problem getting CRL over HTTPS

[Grich, Ondrej]

Hello,

Sorry for little off-topic question.

I'm facing problem with accessing secure server, especialy with getting
CRL over HTTPS.
Situation: IE (ver. 6; WinXP SP1) with client side certificate. "Check
for server certificate revocation" option is enabled. Secure server
certificate's CDP (certificate distribution point) attribute points to
URI:https://blabla.blabla.com/crl/crl.crl.
When connecting with IE to secure server (over HTTPS), the ssl handshake
between client and server took place (verified from servers
http logs), and than nothing happens for several minutes. after that IE
complains that "Revocation information for security certificate for
this site is not available". The CA certificate (which published server
certificate) has also CDP attribute with HTTPS.

The same scenario, except the server certificate, which now has
attribute with CDP distribution point accessbile over HTTP, works fine.

Does anybody faced this situation? ANybody knows what steps are involed
in IE's Certificate validation/CRL checking?

thanks in advance
og


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users