shake kvc wrote: > > I want to be able to store CRLs in the openldap repository so that I can > retrieve them using a LDAP client. > > Basically, the client would be given a LDAP URL as follows: > > ldap://xxx.yyy.com/CN=Challenger(1),CN=xxx,CN=C > DP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=yyy,DC=com?certificateRevocationList?base?objectclass=cRLDistributionPoint > > The client would then open a LDAP request and search for the CRL. > > So I guess my problem would be to be able to store the CRL in cn=CDP, which > belongs to cn=Public Key Services, which is in cn=Services, which is in > cn=Configuration, which is in dc=yyy,dc=com. > > I have already installed openldap and created a suffix "dc=xxx,dc=com". > > However, I didn't see any manual to install/publish the CRL there.
This is rather a LDAP-related question. You might want to ask on the l...@umich.edu or the openldap-technical mailing list. The only thing which is OpenSSL-specific is that the CRL has to be generated/converted with -outform DER. Ciao, Michael. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
