But let me be somewhat more specific. If I use the openssl ca utility,
it is technically possible to revoke a cert which has expired for
instance for one year. If I generate a CRL (via the ca utility) the cert
appears on the CRL.
Does this make any sense?
The crl tool has to be able to include a
Rich Salz wrote:
we got ahold of an AEP1000 crypto accelerator for testing purposes. I am
stumped. The numbers look horrible.
The openssl "speed" program is not good for testing anything other than
the openssl software implementations. It does a repeated
single-threaded call to RSA_sign, etc.
Rich Salz wrote:
Gerd Schering wrote:
Hi,
It is possible (via the ca utility) to revoke certificates that
already have expired.
Hard to say. The ITU X.509 standard says that if a certificate is
revoked, it stays on the CRL for one CRL past its expiration date. In
other words, if the order
Use ./config
threads --prefix=/usr/local/test/openssl/ --openssldir=/usr/share/ssl/
shared zlib
that is without krb5. In default it will take the kerberos libraries.
Thanks
Mathan
> I want to install openssl in my rhl 9 system.
> When I gave
> ./config threads --prefix=/usr/local/test/openssl/
>
Martin Buechler wrote:
Hi,
Just trying to get openssl using various PKCS#11 libraries. I adapted
the Makefile in openssl/apps to include AdNovum's PKCS#11 code from
the contirb section of openssl.org, but there a lots of macro
definitions missing. Searching the web did not yield anything helpfu
