Thanks for the response. The CRL files (multiple) are provided by an external application. I provide an API to reload the CRL files, and my plan is to update the SSL_CTX objects with the new CRL files.
Can I use 0.9.6d, or should I update to 0.9.7g for this application? My understanding is that 0.9.7 is necessary for handling CRL's, yet I see CRL functions in 0.9.6. --- "Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote: > On Tue, Aug 09, 2005, david kine wrote: > > > I am implemeting CRL support in an application on > > Solaris using OpenSSL 0.9.6d 9 May 2002. > > > > According to the information I have gathered, CRL > > support is not available in pre-0.9.7 OpenSSL > > releases. > > > > I have the opportunity to easily upgrade to > 0.9.7g. > > > > Will 0.9.7g provide the suport necessary for > > incorporating CRL handling (in DER format)? Or > should > > a later release be used? > > > > Depends on how much CRL handling you want. If you > can supply the necessary > CRLs to OpenSSL it will use them for certificate > validation. It is the > applications responsibility to obtain the CRLs, for > example downloading them > from a URI. > > Some features of CRLs, such as delta CRLs and > partitioned CRLs aren't > currently supported. They may be in future. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: > see homepage > OpenSSL project core developer and freelance > consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > openssl-users@openssl.org > Automated List Manager > [EMAIL PROTECTED] > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
