On Mon, Mar 17, 2003, Krause, Helga wrote: > Hello, > does anybody know how to use the options "crl_check" and "crl_check_all" > with the command > "openssl smime" correctly?
Erm yes: I wrote that bit :-) You have to add a CRL to either the file mentioned with the -CAfile option or the directory for -CApath (don't forget c_rehash). > Is it only used within a verification process? Yes it is only used when a certificate is verified. This effectively means S/MIME signature verification only. > Which certificates is it taking for a comparison in a given crl? The signers certificate(s) or all certificates in a chain if crl_check_all is present. > Access to a crl saved in a file resulted in an error: "Parameter -crl_check: > CRL wird nicht gefunden". Well that isn't a standard OpenSSL error. Are you using the standard 'smime' command or something else? My knowledge of other languages is somewhat limited but does that translate as "CRL was not found"? If so then the current CRL probably isn't in the relevant place. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
