Hodie XIV Kal. Aug. MMXI, y...@inbox.lv scripsit:
>If that CRL is trying to revoke that root certificate, what in that CRL
>could ber forged?
If that CRL tells the private key is compromised, how could you trust
this CRL (since it was signed by a compromised private key)?
>CRL can onl
Revoking CA issued certificate requires CA private key. It is
necessary to sign CRL.
Maybe on that other machine were located your CA?
Citējot *Daniel Spannbauer [1]*:
> Am 07/18/2011 08:09 PM, schrieb y...@inbox.lv:
> > is that really a self signed certificate? For self signed
> certificat
Am 07/18/2011 08:09 PM, schrieb y...@inbox.lv:
> is that really a self signed certificate? For self signed certificates
> names of issuer
> are the same as names of subject. In your example OU and CN are not the
> same.
> Also, according to wikipedia, self signed certificates (root
> certificates)
t; Juniper OAC/UAC/Pulse Development
>
>
>
>
>
> *From:* owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] *On Behalf Of*
> y...@inbox.lv
>*Sent:* Monday, July 18, 2011 2:10 PM
> *To:* openssl-users@openssl.org
>*Subjec
.
Erik Tkal
Juniper OAC/UAC/Pulse Development
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of y...@inbox.lv
Sent: Monday, July 18, 2011 2:10 PM
To: openssl-users@openssl.org
Subject: Re: revoking crt
is that really a
is that really a self signed certificate? For self signed
certificates names of issuer
are the same as names of subject. In your example OU and CN are not
the same.
Also, according to wikipedia, self signed certificates (root
certificates) cannot be revoked,
although I do not understand wh
