httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Samad - Yieldbroker <>
Subject [users@httpd] mod_ssl question
Date Wed, 09 Nov 2011 00:37:32 GMT

With mod_ssl, when I ask it to check client certificates, does it do a look up of the CRL
associated with the certificate, ie does it check the CRL attribute and then use that to grab
a CRL and then use that to verify the list of CRL's or do I have to use a cron job to grab
the crl and place it in the file pointed to by SSLCARevocationFile.

If it's the cron job, I have an issue where the crl is rebuilt once a day, it's not ready
before hand, so there is going to be a few seconds delay in me getting the certificate and
processing if from der to pem and placing it in the right place and then I have to do a httpd
reload to get https to re-read it.

So my only way forward really is to  place a blank file there a few seconds before hand, reload
httpd, grab and process the file and then reload httpd again. Y/N ?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message