[Date Prev][Date Next]
About CRLs support (evolution request) (ITS#2617)
Full_Name: Emmanuel Duru
Version: 2.2.0 alpha
OS: Solaris 8
Submission from: (NULL) (220.127.116.11)
Is it possible (maybe in a next release) to support CRLs ?
By CRLs support, I mean that when performing strong authentication of a client
(TLS/SSL with client certificate), the server should check that the certificate
provided by the client is not in a CRL. Provided OpenSSL is able to manage CRLs
(which should be the case), there should be a mean to set a CRL file in OpenLDAP
configuration, which would pass it to OpenSSL.