Updating a CRL

David Kramer Mon, 16 Jun 2003 16:27:50 -0700

I'm trying to figure out how to update a CRL without restarting the server. It looks like get_cert_by_subject() wants to see all the successively generated CRLs for a CA. In other words, it wants to see something like 12345.r0, 12345.r1 etc.

So I start the server with 12345.r0 in my certificate directory, and then add a new CRL (say 12345.r1). If I then call SSL_CTX_load_verify_locations(), it errors out telling me that it has already loaded 12345.r0.

So how can I get the server to load 12345.r1? Note that 12345.r0 should be obsolete, since all of the information it contains should be encapsulated in 12345.r1.

Thanks in advance.
David

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Updating a CRL

Reply via email to