Hi team,I am trying to use CRL to check certificate revocation as following:1 Overrode the get_crl callback function in X509_STORE_CTX, to get the crl from the cache.2 Set flag X509_V_FlAG_CRL_CHECK, just want to check certificate of end entity. 3 During certificate verification, I can see the cr
w this message in context:
http://www.nabble.com/questions-about-CRL-Distribution-Points-extension-in-a-certificate-tp19445116p19445116.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
_
PROTECTED]]
Sent: Wednesday, November 21, 2001 6:58 PM
To: [EMAIL PROTECTED]
Subject: Re: questions about CRL check
Thanks to Leon and Juan.
Maybe it should be OCSP(Online certificate status protocol) instead of OSPF.
When choose "Tools"->"Options"->"Security&q
n my secure email client
obtain the latest CRL list from CA on a regular periodic basis (e.g.,
hourly, daily, or weekly) to make the client more
secure?
have a nice day!
Wooce
- Original Message -
From: "ZILBER,LEONID (HP-NewJersey,ex1)" <[EMAIL PROTECTED]>
To: &l
:[EMAIL PROTECTED]]
Sent: Wednesday, November 21, 2001 1:31 PM
To: [EMAIL PROTECTED]
Subject: Re: questions about CRL check
It seems like there's a problem in concepts, a certifcate cannot
contain a
CRL, but a CRL can contain one or more certificates. Considering that,
a
certificate cannot ev
, 2001 8:49 PM
Subject: questions about CRL check
> Hi,
>
> 1. Does a X.509 certificate be sure to contain a certification
revocation list?
> 2. If a X.509 certificate contains a CRL, is there an interface
defined
in
> it on how to get the latest CRL from CA to replace
Hi,
Can anybody explain me how CRL is used for verification of the client
certificates in OpenSSL? i.e, where and when it is being used in OpenSSL code while
client authentication?
Thanks
Josephine
_
For Rs. 2,000,000 worth of Apte
"René G. Eberhard" wrote:
>
> > But if you remove a revoked certificate from the list, how you can
> > remember
> > the validity period of a certificate ?
>
> It is removed after expiration. And you always remember the validity
> of the period becuase (I hope) you somewhere have a log.
>
> Rega
> But if you remove a revoked certificate from the list, how you can
> remember
> the validity period of a certificate ?
It is removed after expiration. And you always remember the validity
of the period becuase (I hope) you somewhere have a log.
Regards Rene
--
---
Chelo Malagon CSIC RedIRIS wrote:
>
> Hello all,
> I'd like to know if there is any way to remove a certificate from a
> CRL, for example when the validity time of a certificate which has
> been revoked has expired. (like says in the RFC 2459 "An entry may be
> removed from the CRL after appering
10 matches
Mail list logo
