Just to be sure... I have a crl file called crl.pem and a CA file called trustees.pem To perform crl check with s_server, do I have to create a new file cacrlfile.pem which is the concatenation of trustees.pem and crl.pem file. and launch the following command: openssl s_server -accept 7770 -cert certificat.pem -key rsakey.pem -CAfile cacrlfile.pem -debug -bugs -crl_check ?
Thanks in advance, Selon "Dr. Stephen Henson" <[EMAIL PROTECTED]>: > On Wed, May 16, 2007, [EMAIL PROTECTED] wrote: > > > > > Thank you Steve .. > > > > I try to perform the test with s_server but I believe it does not handle > CRL > > file ( no option for this apparently) :( > > > > In OpenSSL 0.9.8 and later at least you set the -crl_check option or > -crl_check_all. The certificates and CRL(s) for verification can be supplied > in a single file using -CAfile or a directory using -CApath. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]