httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From daniel bryan <danbrya...@gmail.com>
Subject [users@httpd] OCSP & CRL working together
Date Tue, 04 Feb 2014 22:09:43 GMT
Hello all,

I have been attempting to configure httpd to support a hybrid mix of CRL
and OCSP checking.  Currently I have 2 CAs, CA1 and CA2. My OCSP responder
generates data for CA1, and I have a CRL published for CA2.  I have created
2 client auth certificates for testing. When I enable only OCSP I am able
to validate users from CA1.  When I enable only CRL checking I am able to
validate users from CA2.  When I enable both I am not able to validate
either.  Is there a way to configure httpd to use OCSP for one and CRL for
the others, it appears it does both revocation checking technologies for
both client auth certs

--Dan Bryan

Mime
View raw message