Hi,
This is what I have done so far. I
have generated a CA certificate.
Then
created an empty CRL using the command :
openssl ca -gencrl -out crl.pem -config
/usr/share/ssl/openssl.cnf
After
this, I started creating Client certificates.
Now my
requirement is to know what exactly a CRL is and how to maintain it
?
Will
the expired client certificates automatically get into CRL
?
Can
the CRL be on a stand alone machine ?
Will
the webserver (iPlanet) check for the validity of the Client certificate
like expiry, etc. ?
Kindly
let me know if further information as to what I commands I used, is needed or if
I have
not
explained my problem properly.
thanx
n regards
Sarath Chandra
M
-----Original Message-----
From: Olivier Michiels [mailto:[EMAIL PROTECTED]]
Sent: 25 September 2001 11:42
To: '[EMAIL PROTECTED]'
Subject: RE: CRL how toCould you be more specific.What do you need exactly ?Olivier Michiels-----Original Message-----
From: Sarath Chandra M [mailto:[EMAIL PROTECTED]]
Sent: mardi 25 septembre 2001 9:42
To: [EMAIL PROTECTED]
Subject: CRL how toHi,I have installed openssl and have started generating client certificates. I would like toknow, how I can create and maintain CRLs.I would appreciate if anybody provides any help or resource pointers for this.thanx in advanceSarath Chandra M
