On Mon, Jan 16, 2006, Daniel Garca Franco wrote: > Hello! > > I use the v2 of CRL, and i have to revoke the certificates > with 2 extension, CRL Revoke Reason and InvalidityDate, i Know how to > pass the first extension to openssl when i revoke a certificate, but > i don´t know how to pass the second extension. > > I´m using the next command to revoke the certificates: > > $>openssl ca -revoke cert.pem -config my_openssl_config_file.conf > -crl_reason the_reason > >
You specify one of the options: -crl_compromise TIME -crl_CA_compromise TIME this sets the reason code to keyCompromise or cACompromise and the invalidity time to TIME. Where time is in GeneralizedTime format: "YYYYMMDDHHMMSSZ". Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
