Re:crl add?

[cellecial@21cn.com]

 Hi,

I have modified the objectclass certificateAuthority as Michael(thank you very
much,Michael) suggested:

objectclass certificationAuthority
        requires
                objectClass,
                authorityRevocationList;binary,
                certificateRevocationList;binary,
                cACertificate;binary
        allows
                crossCertificatePair;binary
                
Then start slapd,input "ldapadd -D "cn=root,c=CN" -w secret -p 1000 -b -f e6"
to add entry.

e6:
dn:cn=mouse,o=tc,c=CN
cn:mouse
sn:T
authorityRevocationList;binary:/home/openssl/ice.crl
certificateRevocationList;binary:/home/openssl/ca.crl
cACertificate;binary:/home/openssl/126.der
objectclass:person
objectclass:certificationAuthority

The result shows(by Netscape Addressbook):
		mouse 
Name                             mouse 
Last Name                        T 
authorityrevocationlist;binary   0? 40??0   *?H?¡Â      
certificaterevocationlist;binary 0?¨¤0??   0   *?H?¡Â      
cacertificate;binary             0? @0? ?       ~0   *?H?¡Â      
Object Class                     person 
                                 certificationAuthority 
                                 
ice.crl is generated using openssl, ca.crl is generated using 
Microsoft CertServer.They are DER encode. They can't show
contents of CRL.
126.der is generated using openssl too. When 126.der is used 
in objectclass strongAuthenticationUser as userCertificate;binary,
it shows contents well. I don't know why in objectclass 
certificationAuthority, it can't show certificate contents.

Thanks in advance.




                                 


----------------------------------------------
»¶Ó­Ê¹Óà 21CN µç×ÓÓʼþϵͳhttp://www.21cn.com
Thank you for using 21CN Email system