OpenSSL question



Hi All

I'm Working on a certificate authority using open ssl and have been for the most part successful over the last 6 months. Now the trial period is over there has been one thing i keep stubbing my toe on and i was hoping someone would be able to help/point me in the right direction.

I am trying to encode the CRL location into the certificates so that they can be automatically updated to revoked certificates. I know that alot of devices allow you to specify the address manually but was hoping that you could generate it as part of either the root CA certificate, Signed device certificate or the signed crl.

Does anyone have any ideas as google is quiet dry on the subject (or maybe my terms are incorrect).

Thanks in advance for any help.



Relevant Pages

  • RE: Slow SSL link
    ... This SSL slowness is usually due to the AIA and CRL location in the ... Certificate Server and then reissue your web certificate. ... https to work just as quickly as http. ...
    (microsoft.public.inetserver.iis.security)
  • Re: OpenSSL question
    ... I am trying to encode the CRL location into the certificates so that ... that you could generate it as part of either the root CA certificate, ... Signed device certificate or the signed crl. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
    (Security-Basics)
  • Re: OpenSSL question
    ... that you could generate it as part of either the root CA certificate, ... Signed device certificate or the signed crl. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ... Thanks Patrick ...
    (Security-Basics)