Donn Cave wrote:...
I don't think it's OpenLDAP's fault, OpenSSL X509_STORE_add_crl() wouldn't update an existing CRL anyway. I proposed a fix to that, but don't believe I got any response.
Yes, I see this is still true in the current release (OpenSSL 0.9.8d) as well. Googling the OpenSSL mailing lists doesn't turn up your proposed fix, have you got a pointer to that?
I resubmitted it, now [openssl.org #1424]
Donn Cave, donn@u.washington.edu