httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Samad - Yieldbroker <Alex.Sa...@yieldbroker.com>
Subject [users@httpd] mod_ssl question
Date Wed, 09 Nov 2011 00:37:32 GMT
Hi

With mod_ssl, when I ask it to check client certificates, does it do a look up of the CRL
associated with the certificate, ie does it check the CRL attribute and then use that to grab
a CRL and then use that to verify the list of CRL's or do I have to use a cron job to grab
the crl and place it in the file pointed to by SSLCARevocationFile.

If it's the cron job, I have an issue where the crl is rebuilt once a day, it's not ready
before hand, so there is going to be a few seconds delay in me getting the certificate and
processing if from der to pem and placing it in the right place and then I have to do a httpd
reload to get https to re-read it.

So my only way forward really is to  place a blank file there a few seconds before hand, reload
httpd, grab and process the file and then reload httpd again. Y/N ?

Alex

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message