Hi Franck, Cool, very cool! You may also add the following for Revoke a certificate section
crldays or crlhours, and crlexts options the two first indicate when the next CRL will be update the last one will use crl_exts section in openssl.cnf and then will produce a CRL v2 instead of CRL v1. example: CRL are udpated weekly openssl ca -gencrl -config /path/to/openssl.cnf \ -crldays 7 -crlexts crl_ext Ciao! Franck Martin wrote: > > Following my previous draft HOWTO I'm about to submit this HOWTO to the > www.linuxdoc.org > > Any last comments or additions required? > > You can send especially your contributions for the FIXME parts. > > Franck Martin > Network and Database Development Officer > SOPAC South Pacific Applied Geoscience Commission > Fiji > E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > Web site: http://www.sopac.org/ > <http://www.sopac.org/> Support FMaps: http://fmaps.sourceforge.net/ > <http://fmaps.sourceforge.net/> > > This e-mail is intended for its addresses only. Do not forward this e-mail > without approval. The views expressed in this e-mail may not be necessarily > the views of SOPAC. > > -------------------------------------------------------------------------------- > Name: CA.pdf > CA.pdf Type: Acrobat (application/pdf) > Encoding: base64 -- # .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .... .- # Averroes A. Aysha # Think Linux, Think Slackware! # e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88 # .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .... .- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
