<DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>Hi </FONT></SPAN>,<SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2> </FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2></FONT></SPAN> </DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>I am using Stunnel to protect one of my server. I am able to configure the stunnel properly</FONT> <FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>with the help of stunnel. Now i am trying to use the revocation list concept in the stunnel.</FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2></FONT></SPAN> </DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff
size=2>For using the stunnel revocation list i performed the following steps.</FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2></FONT></SPAN> </DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2> <DIV>1. for generating the CRL file </DIV> <DIV>openssl ca -gencrl -keyfile <I>ca_key</I> -cert <I>ca_crt</I> -out my_crl.pem</DIV> <DIV> </DIV> <DIV>2. for revoking the certificates</DIV> <DIV>openssl ca -revoke <I>bad_crt_file</I> -keyfile <I>ca_key</I> -cert <I>ca_crt</I> </DIV> <DIV> </DIV> <DIV>The entry specified in the stunnel.conf file is:-</DIV> <DIV>CRLfile = my_crl.pem</DIV> <DIV> </DIV></FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2></FONT></SPAN> </DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT
face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>Surprisingly the client is still able to connect to the server. Is it the problem in my configuration or it is a bug of stunnel.</FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2></FONT></SPAN> </DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>Regards,</FONT></SPAN></DIV> <DIV dir=ltr align=left><SPAN class=872093904-05062007><FONT face="‚l‚r ‚oƒSƒVƒbƒN" color=#0000ff size=2>Piyush</FONT></SPAN></DIV><p>
<hr size=1>Need a vacation? <a href="http://us.rd.yahoo.com/evt=48256/*http://travel.yahoo.com/;_ylc=X3oDMTFhN2hucjlpBF9TAzk3NDA3NTg5BHBvcwM1BHNlYwNncm91cHMEc2xrA2VtYWlsLW5jbQ--">Get great deals
to amazing places </a>on Yahoo! Travel.