d just link the modified .o file along with the standard
libraries, as long as you don't get too far out of synch with releases.
We aren't that desperate at my site, though. We will need to restart
the server for a new CRL to take effect. But we won't need to do this
to survive CRL
I think this was discussed on the list (probably as part of 2.4 TLS
enhancements), but I don't recall the outcome.
My first evil idea, though, would be to try to kick your TLS config
using back-config...hopefully that rehashes everything?
On Wed, 5 Dec 2007, Matt Kelley wrote:
I am using Op
I am using OpenLDAP 2.3.39. I have enabled CRL checking by including
"TLSCRLCheck peer" in my slapd.conf file. I am having a problem when
CRLs expire. I find that, after retrieving an updated CRL, I must
restart slapd in order for it to be used. This seems to be true
whether using TLSCACertific
