Hi, I'm using openssl 0.9.4 on Solaris 2.6. I created a sample CA and have some working Server-Certificates. For revoking one of them i changed index.txt - I replaced V by R - I entered a revoc.-Date - I added a tab Now i create a CRL by typing : openssl ca -gencrl -verbose -out ./crl.pem **** Using configuration from /usr/local/ssl/openssl.cnf Enter PEM pass phrase: R 991117164324Z 991017120000Z 00 unknown /C=DE/ST=Bayern/L=Muenchen/O=Landeshauptstadt Muenchen/OU=Amt fuer Informations- und [EMAIL PROTECTED] V 991117165810Z 01 unknown /C=DE/ST=Bayern/L=Muenchen/O=Landeshauptstadt Muenchen/OU=Amt fuer Informations- und [EMAIL PROTECTED] V 991117172602Z 02 unknown /C=DE/ST=Bayern/L=Muenchen/O=Landeshauptstadt Muenchen/OU=Amt fuer Informations- und [EMAIL PROTECTED] 3 entries loaded from the database generating indexs making CRL signing CRL **** OK, I think, this works. I have a 812-Byte output-file "crl.pem" Now I want to convert it to DER-fromat for importing into Browsers. I type : openssl crl -in ./crl.pem -outform DER -out ./crl.der The result is the following : *********************** unable to load CRL 1812:error:0D080071:asn1 encoding routines:d2i_ASN1_INTEGER:expecting an integer:a_int.c:241: 1812:error:0D0AD004:asn1 encoding routines:d2i_X509_REVOKED:nested asn1 error:x_crl.c:92:address=1094238 offset=2 1812:error:0D084070:asn1 encoding routines:d2i_ASN1_SET:error parsing set element:a_set.c:198:address=1094236 offset=-1094236 1812:error:0D0A4004:asn1 encoding routines:d2i_X509_CRL_INFO:nested asn1 error:x_crl.c:183:address=1093972 offset=264 1812:error:0D0A3004:asn1 encoding routines:d2i_X509_CRL:nested asn1 error:x_crl.c:234:address=1093968 offset=4 1812:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_lib.c:239: *************************** No DER-File is created. Whats the reason of this error? Greets Florian Baier ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
