Hi,
I m protecting one of my server by using stunnel.
Now I am trying to use the revocation list concept in the stunnel .
For using the revocation list i performed the following steps.
1. For generating the CRL file
openssl ca -gencrl -keyfile ca_key -cert ca_crt -out my_crl.pem
2. for revoking the certificates
openssl ca -revoke bad_crt_file -keyfile ca_key -cert ca_crt
The entry specified in the stunnel.conf file is:-
CRLfile = my_crl.pem
Surprisingly the client is still able to connect to the server. Is it the
problem in my configuration or it is a bug of Openssl.
The steps that i followed are on this site:
http://gagravarr.org/writing/openssl-certs/ca.shtml
Plz suggest me for this issue.
Regards,
Piyush
---------------------------------
Luggage? GPS? Comic books?
Check out fitting gifts for grads at Yahoo! Search.
