The command openssl ca -revoke ./demoCA/newcerts/1008.pem -config myconfig.cnf -passin pass:password
seems to just update a database, the 1008.pem is not touched. Can someone tell me what this command really does for revocation. Also why keep a list of revoked certs, just delete them and if not found for an OCSP request then say anything but good. -- View this message in context: http://openssl.6102.n7.nabble.com/openssl-ca-revoke-tp45896.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org