On Tue, Dec 19, 2006, [EMAIL PROTECTED] wrote:
>
> Thanx for your reply. I found that x509_config page before. But to be
> honest, the cdp part didn't help me very much with the particular comma
> problem. And, by the way, the second error below and the "value=cdp_sect"
> message results from my
2006 01:59
> An: openssl-users@openssl.org
> Betreff: Re: AGAIN: Query on CRL distribution point
>
> On Mon, Dec 18, 2006, [EMAIL PROTECTED] wrote:
>
> >
> > Hi all,
> >
> > I am just worling on a certificate profile an I need to
> include a cdp in the f
On Mon, Dec 18, 2006, [EMAIL PROTECTED] wrote:
>
> Hi all,
>
> I am just worling on a certificate profile an I need to include a cdp in the
> following form:
>
> ldap://my.company.com/CN=Name,OU=Department,O=Company,C=DE?certificateRevocationList
>
> So the cdp should point to the crl in a d
You could put the commas in the URL in an escaped form. (The escape
for ',' is "%2C".)
ldap://my.company.com/CN=Name%2COU=Department%2CO=Company%2CC=DE?certificateRevocationList
-Kyle H
On 12/18/06, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
Hi all,
I am just worling on a certificate prof
> Gesendet: Sonntag, 5. September 2004 21:46
> An: openssl-users@openssl.org
> Betreff: Re: Query on CRL distribution point
>
> On Sun, Sep 05, 2004, pijush koley wrote:
>
> > Hi!
> > I want to setup a test CA using OpenSSL. So I configured
> openssl.cnf
revocation working using the > SSLCARevocationFile directive (using a local file).> > Using a http://www.webserver.com/crlfile.crl within the cert (CRL > Distribution Point) it doesn't work. I have put the crl on a remote > web server. Watching the logs on the remote serv
Distribution Point) it doesn't work. I have put the crl on a remote
web server. Watching the logs on the remote server I do not see the
crl being accessed.
Any troubleshooting tips?
You can't do that - Apache can only look at local files.
We use an rsync script to replicate CRLs out t
it.
> What different opinion? That you don't know?? :-)
>
> > > I am wanting to get CRL Distribution Points
> working
> > > within my client certs.
> > >
> > > Using Apache I am able to get certificate
> revocation
> > > working us
; working using the SSLCARevocationFile directive
> > (using a local file).
> >
> > Using a http://www.webserver.com/crlfile.crl within
> > the cert (CRL Distribution Point) it doesn't work.
> > I have put the crl on a remote web server. Watching
> > the l
o get CRL Distribution Points working
> within my client certs.
>
> Using Apache I am able to get certificate revocation
> working using the SSLCARevocationFile directive
> (using a local file).
>
> Using a http://www.webserver.com/crlfile.crl within
> the cert (CRL Distribu
w.webserver.com/crlfile.crl within
> the cert (CRL Distribution Point) it doesn't work.
> I have put the crl on a remote web server. Watching
> the logs on the remote server I do not see the crl
> being accessed.
>
> Any troubleshooting tips?
>
> Does the browser
I am wanting to get CRL Distribution Points working within my client certs.
Using Apache I am able to get certificate revocation working using the SSLCARevocationFile directive (using a local file).
Using a http://www.webserver.com/crlfile.crl within the cert (CRL Distribution Point) it
On Sun, Sep 05, 2004, pijush koley wrote:
> Hi!
> I want to setup a test CA using OpenSSL. So I configured openssl.cnf file according
> to my environment. Then I executed following command
>
> CA.pl -newca
>
> This gave an error and it indicated that following line produced an error.
>
> cr
Hi!
I want to setup a test CA using OpenSSL. So I configured openssl.cnf file according to my environment. Then I executed following command
CA.pl -newca
This gave an error and it indicated that following line produced an error.
crlDistributionPoints = URI:ldap://:/CRLObjID=CRLPoint,o=domain
Riviere Stéphane wrote:
>
> Hi,
>
> I'd like to know how to generate certificates with this extension :
> CRL Distribution Point
>
> I suppose that it's only a variable to set in the openssl.cnf file..
>
Yes it is. Read doc/openssl.txt
Steve.
--
Dr S
Hi,
I'd like to know how to generate certificates with this extension :
CRL Distribution Point
I suppose that it's only a variable to set in the openssl.cnf file..
I want to use OpenSSL certificates with IIS 5.0 + SSL but it only works if
there is this extension, so that IIS can aut
Hi,
I need to include the URL of the CRL (retreived by http) in my certificates
but I didn't find any option in openssl to perform this.
Is it possible ?
Emmanuel Bailleul
Ascom Adilan SA
Parc des Glaisins
14, Rue du Pré-Paillard
74940 ANNECY-LE-VIEUX
Tel. +33 (0)4 50 64 02 49
Fax. +33 (0)4 50 6
17 matches
Mail list logo