On 19.07.2013, at 22:33, redpath wrote:
The command
openssl ca -revoke ./demoCA/newcerts/1008.pem -config myconfig.cnf -passin
pass:password
seems to just update a database, the 1008.pem is not touched.
Can someone tell me what this command really does for revocation.
Correct. You then
Very nice tutorial
http://pki-tutorial.readthedocs.org/en/latest/
So the issue is that there is no real Certificate Management Trust system
available
handling concurrency issues for a Database that works seamless with
revocation commands and
OCSP responder.
For example, using an OCSP responder