Hello, I’ve set up an Apache webserver for some testing purposes. I’ve also built my own little CA, I can create certificates and CRLs (using the commandline for everything). Everthing works quiet fine but now I’ve got the following question concerning CRL Distribution Points / Partitioned CRLs.
Assume that I’ve got a lot of certificates and and lot of them are revoked. Is it possible to create a CRL (called A) for the first part of my certificates and a second CRL (called B) for the second part of my certitificates? Going one step further, I want to have a look at my index.txt (where I can find all my issued certificates) and create a CRL telling openssl the range of the certificates. Is there a command (an option or something else) that my CRL will begin with the certificate X (serialnumber X) and end with the certificate Y (serialnumber Y)? I’m thankful for any ideas. Please let me know if you need further information like my config-files or something else. best regards domi -- View this message in context: http://www.nabble.com/Question-about-Partitioned-CRLs--how-to-split-a-CRL--tf3419056.html#a9529138 Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
