0.9.4 has openssl ca -revoke (don't know about earlier versions - we
were using SSLeay before, and it didn't have this). Note that index.txt
remains the same - the new database is in index.txt.new (the db inside
demoCA, or whatever the directory is called in your cnf file).
Andrew
PS OpenSSL seems better than SSLeay (even more comments in the code!) -
thank-you to everyone who has contributed.
Patrick O'Neill wrote:
>
> Has anyone implemented certificate revocation yet? We need to implement
> it on our servers, I was going to write a back end script to compare the
> users certificate to the index.txt database and see if it exists. If
> this is not the correct way, or someone has already written a similar
> program, I would appreciate any input.
>
> Thanks,
> Pat
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
