httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tovo Gianluca" <>
Subject [users@httpd] Apache and mod_SSL CRL checking against client certificate extension
Date Tue, 23 Dec 2003 16:20:12 GMT
Hello everybody,
I'm here after a check on docs and various internet resources to have an autoritative answer.

How it's possible to verify the validity of client certificates in SSL with Apache using the
CDP extension present in the certificate itself? This mechanism allow you to use splitted
CRLs easily.

All I could find it's the CRL management by hand from the webadm restarting the server each
time (or by some crontab scripting) directly from the CA directory.

It's possible?
It's a feature that is going to be introduced in some next mod_SSL releases?
It's up to the developer to write some code on some API to manage that automatic CRL acquisition
and management?

Thanks in advance for you attention.

Gianluca Tovo
Telecom Italia Information Technology S.p.A.
OSS & VAS Solutions
IT Security Products & Services
tel.:   +39/06/91197426
fax:   +39/06/91197331
cell.:  +39/335/5792708

This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please contact us by
replying to
        Thank you

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message