Hi Matthew, Am 15.03.2013 16:03, schrieb Matthew Hall:
Read about the cRLSign KeyUsage bit. This is how it is usually handled.
I already let the Root CA issue a certificate with "keyUsage = cRLSign" and used that certificate to sign the CRL, but my colleague's Windows machine refused to accept the CRL signed that way.
The problem went away when I directly signed the CRL with the Root CA certificate, so I thought I did something wrong or it's simply not possible.
Thanks, Sven ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
