I need to parse a CRL (Certificate Revocation List) file and verify if a client certificate has been revoked, but the PHP OpenSSL extension do not support this feature.
I saw a patch for this issue dated from 2007 http://bugs.php.net/bug.php?id=40046 http://pecl.php.net/~pierre/ext-openssl-crl.patch http://mbechler.eenterphace.org/blog/uploads/ext-openssl-crl.patch Somebody have news about this issue? Has a workaround, like a external program call with exec() or system() ? I'm thinking about a command line program like this 'openssl crl -inform DER -text -noout -in mycrl.crl'. So, parse the output and find the serial number of client certificate. Thanks, Ricardo Maia (Brainfork)
