> I have a config file for SSL certificates that declares to use the
> x509_extensions crlDistributionPoints with this syntax:
> crlDistributionPoints = URI:http://192.168.1.5/crl/root.crl
This now works in current as of this commit:
https://marc.info/?l=openbsd-cvs&m=169600269021154&w=2
> On Sep 26, 2023, at 11:33 PM, stephane Tranchemer wrote:
>
>>>
>>> Another trouble I found, maybe it's my conf again(?) is that I am unable to
>>> use a section to call out to define common options for x509extensions.
>>> Example, this does not work:
>>>
>>> [ ca ] default_ca = Domain-CA [
Another trouble I found, maybe it's my conf again(?) is that I am unable to
use a section to call out to define common options for x509extensions.
Example, this does not work:
[ ca ] default_ca = Domain-CA [ Domain-CA ] ... x509_extensions =
common_options
[ common_options ] crlDistributionPo
On Wed, Sep 27, 2023 at 09:06:58AM +0900, stephane Tranchemer wrote:
> Hello,
> > > > How-To-Repeat:
> > > Create a config file for SSL certificates that declares to use the
> > > x509_extensions crlDistributionPoints with a RUL target.
> > >
> > > Generate a certificate against this config, there
Hello,
How-To-Repeat:
Create a config file for SSL certificates that declares to use the
x509_extensions crlDistributionPoints with a RUL target.
Generate a certificate against this config, there should be the CRL options
declared.
As far as I can see, the problem is this: your crldp URI conta
> >Description:
> I have a config file for SSL certificates that declares to use the
> x509_extensions crlDistributionPoints with this syntax:
> crlDistributionPoints = URI:http://192.168.1.5/crl/root.crl
>
> however when generation the certificate against this config a check of the
> gene
Synopsis: Creating certificates with a config file declaring
x509_extensions crlDistributionPoints option is being ignored
>Category: libressl
>Environment:
System : OpenBSD 7.3
Details : OpenBSD 7.3 (GENERIC.MP) #1125: Sat Mar 25
10:36:29 MDT 2023
dera...@amd64.o
