[stunnel-users] CRLPath not working

Michal Trojnara Michal.Trojnara at mobi-com.net
Tue Jun 13 00:21:40 CEST 2006


On 2006-06-12, at 22:17, Nagasundaram, Sekhar wrote:
> We download crls everyday from a CRL server using LDAP and a cronjob.
> These CRLs are stored in the CRLpath directory along with its hash.
> It appears that the stunnel is not refreshing its cache, and it
> still shows "Found CRL is expired - revoking all certificates until
> you get updated CRL" when we try to connect to it even though there is 
> a
> New and valid CRL in the CRLPath folder. Is there a special option
> In Stunnel configuration for it to recognize/cache/add the new hash 
> file

Just to make sure: the problem disappears after restarting stunnel, 
right?

The simple workaround could be disabling all SSL caches:
./configure --with-threads=fork
make clean
make
make install

Can you send your stunnel.conf and debug log?

TIA,
     Mike




More information about the stunnel-users mailing list