Hi Steve I guess that is not the problem as I will be able to read same CRL file if I place CRL file into another webserver. I am not able to post CRL here as this is open alias.
BTW I want to write test program to check the CRL file. Could you please share the same if you have any? Thanks Radhakrishna. -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Monday, December 14, 2009 9:02 PM To: openssl-users@openssl.org Subject: Re: Unable to load CRL On Mon, Dec 14, 2009, Radha krishna Meduri -X (radmedur - HCL at Cisco) wrote: > > Hi Patrick > > We are using following code snippet to load CRL's. > > X509_CRL *pCRL, *pTempCRL = 0; > pCRL = d2i_X509_CRL_fp( pfCrlFile, &pTempCRL ); > > if( !pCRL ) > { > rewind(pfCrlFile); > pCRL = PEM_read_X509_CRL(pfCrlFile, &pTempCRL, NULL, 0); } > > rewind(pfCrlFile); > > if( !pCRL ) > { > logEvent( MLOG_ERROR, RADIUS_C_SERVER, "Unable to read CRL file" ); > break; } > > Ultimately we are getting "Unable to read CRL file" if we are loading > DER format CRL. Did you see anything wrong there? > Is the fp opened in binary mode? Text mode translation on that fp will corrupt the CRL loading in DER mode. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
