Thank you Hazel. I figured out what my problem was. I had already generated
a crl. I was expecting the "verify" functions to fail when a Cert had been
revoked. It doesn't.
I am now writing code, as you suggest, to check a cert against the CRL.
Thanks,
-jon
>-----Original Message-----
>From: hazel Gao <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>Date: Thursday, April 06, 2000 2:01 PM
>Subject: Re: Revoking Certificates
>
>
>>Generate a crl, then make the app to check for any
>>requesting service user's cert against it. You needn't
>>and cannot control user's certs yourself.
>>
>>Hazel
>>--- Jon Hale <[EMAIL PROTECTED]> wrote:
>>>
>>>
>>> I have setup a mini-CA for a specific app. I
>>> generated a cert, self-signed it,
>>> and then used this cert (my CA cert) to sign other
>>> certs ("user Certs"). The
>>> user certs then pass out of my control.
>>>
>>> Now I want to revoke one of the user certs.
>>> Can you tell me how I do this? Or at least give me a
>>> hint?
>>>
>>> Thank you very much,
>>> -jon
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
