Hi,
How to automatically put an entry in the CRL when a new
Client certificate is generated.
regards
Sarath
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: 25 September 2001 13:28
To: [EMAIL PROTECTED]
Subject: RE: CRL how to
Hi Sarath,
In the openssl CA Directory there is a file named "index.txt" which contains
a summary of
the issued certificate. For example:
V 020925082220Z 01 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=Goofy
V 020925082341Z 02 unknown /C=AU/ST=New Zeland/L=Wellington/O=Internet
Widgits Pty Ltd/OU=uncle duck/CN=Gogo
This entries must be modified in order to make the CRL:
R 020925082220Z 010925090120Z 01 unknown /C=AU/ST=Some-State/O=Internet
Widgits Pty Ltd/CN=Goofy
R 020925082341Z 010925092341Z 02 unknown /C=AU/ST=New Zeland/L=Wellington/O=Internet
Widgits Pty Ltd/OU=uncle duck/CN=Gogo
At this point just enter the following statements at prompt:
$ ca -gencrl -crldays 30 -out temp.pem
$ crl2pkcs -in temp.pem -out pkcs7_crl.pem
At this point you have a PKCS7 file containing a CRL, which can be imported
into
whatever application supporting it.
Best Regards
[Gerardo Maiorano]
-- Original Message --
>
>Hi,
> I have installed openssl and have started generating client
>certificates. I would like to
>know, how I can create and maintain CRLs.
>
>I would appreciate if anybody provides any help or resource pointers for
>this.
>
>thanx in advance
>Sarath Chandra M
>
>
__________________________________________________________________
Abbonati a Tiscali!
Con VoceViva puoi anche ascoltare ed inviare email al telefono.
Chiama VoceViva all' 892 800 http://voceviva.tiscali.it
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]