[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CRL with OpenSSL



On Sun, Apr 13, 2014 at 12:21:10PM +0200, Christian Kratzer wrote:
> >I think this is because the CRL Next Update is in the past.  I will
> >renew the CRL to check that.
> 
> yes an expired crl will usually cause validation to fail.

Now with a valid CRL, I still have the same problem: it loads
/etc/openssl/certs/0726b466.r0, then tries and fails on:
/etc/openssl/certs/0726b466.r1
/etc/openssl/cert.pem/0726b466.r0

And then it fails with this complain:
TLS certificate verification: Error, unable to get certificate CRL


-- 
Emmanuel Dreyfus
manu@netbsd.org