On 28 Oct 2013, at 11:56, redpath wrote:
> I would like to know why the openssl CA command to revoke a cert
> (myfiletorevoke)
> needs the CA cert other than the cert I want to revoke.
>
> openssl ca -revoke myfiletorevoke -keyfile cakey -cert cacert -passin
> pass:CApass -config myconfig
On 28.10.2013, at 11:56, redpath wrote:
> I would like to know why the openssl CA command to revoke a cert
> (myfiletorevoke)
> needs the CA cert other than the cert I want to revoke.
This is to prove the authority of the operator.
> openssl ca -revoke myfiletorevoke -keyfile cakey -cert ca
On 20-07-2013 13:39, redpath wrote:
Very nice tutorial
http://pki-tutorial.readthedocs.org/en/latest/
So the issue is that there is no real Certificate Management Trust system
available
handling concurrency issues for a Database that works seamless with
revocation commands and
OCSP responder.
Very nice tutorial
http://pki-tutorial.readthedocs.org/en/latest/
So the issue is that there is no real Certificate Management Trust system
available
handling concurrency issues for a Database that works seamless with
revocation commands and
OCSP responder.
For example, using an OCSP responder
On 19.07.2013, at 22:33, redpath wrote:
> The command
>
> openssl ca -revoke ./demoCA/newcerts/1008.pem -config myconfig.cnf -passin
> pass:password
>
> seems to just update a database, the 1008.pem is not touched.
> Can someone tell me what this command really does for revocation.
Correct. You
