-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi domi,
domi wrote: > After one day pending-status I'll post this message again. ?? At least your message never reached me... > domi wrote: >> Just some last explanations: Of course my scenario is just fictional and I >> won’t try to set up a commercial CA or web-server using it. Only for >> testing purposes isolated from the rest of the world. For testing uses you can still generate the openssl.cnf containing the crlDistributionPoints extension you need before issuing a cert... >> By the way, another problem occurred during my testing: The Apache2 server >> works using a certificate and the CRL has been imported to the browser >> (Firefox in my case. Other browsers will follow). But I don’t have any >> problems to connect to the site although the certificate is revoked. I was >> not able to discover the reason but I’m still searching. Any guesses? certificate verification with CRLs is enabled and the actual CRL is imported ? Bye Goetz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFFxKBl2iGqZUF3qPYRAlw9AJ0TxnzJDt4UhSnV2P/Ef2TmtwCBggCdEHzZ ou1o2wnj4RfFXTWulN05mfk= =1qhx -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
