I have been working, over the past few weeks, with one of my developers, attempting to support Indirect CRL's through OpenSSL/Stunnel. My initial attempts were to support direct CRL, which seems to work fine with the compile options I've listed below for both OpenSSL and Stunnel.
./config --prefix=/u/publish/dev/openssl/openssl-1.0.0d no-idea no-mdc2 no-rc5 no-md2 no-sse2 ./configure --prefix=/usr/local/stunnel-4.44/ --with-ssl=/usr/local/openssl-1.0.0d/
Reading through the FAQ and general documentation, I'm not finding much useful information on how to enable iCRL support. It may be a simple compile option I'm missing, or perhaps I just didn't find the correct page on the site/documentation, yet. If anyone has any useful information, or can point me in the right direction, the help would be greatly appreciated.
I can provide configuration files and logs if it's of any use in this.
Thank you in advance for any help you may be able to provide! My search continues....
************************* Benjamin Sligar Manager, Development Support P: 703.453.8324 US_DEV_Support@tnsi.com *************************
This e-mail message is for the sole use of the intended recipient(s)and may contain confidential and privileged information of Transaction Network Services. Any unauthorised review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Benjamin Sligar wrote:
Reading through the FAQ and general documentation, I'm not finding much useful information on how to enable iCRL support.
Stunnel currently does not support indirect CRLs. I have updated my TODO list: http://www.stunnel.org/?page=sdf_todo
Best regards, Michal Trojnara
-
Michal Trojnara -
Sligar, Benjamin