LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 11-18-2005, 09:23 AM   #1
djgerbavore
Member
 
Registered: Jun 2004
Location: PA
Distribution: Fedora (latest git kernel)
Posts: 441

Rep: Reputation: 30
Openssl - verify wheather certificate is revoked


i'm writing a client / server application using openssl. So far i got the client checking wheather a certificate is signed by the CA, and wheather it has the same common name as the server the client is suppose to be connecting too. However my problem is when i revoke a server's certificate - the command i use to revoke a certificate is:
Code:
openssl ca -cert ca.crt -keyfile ca.key -revoke ServerName.crt
openssl ca -cert ca.crt -keyfile ca.key -gencrl > mycrl.pem
then i sent the mycrl.pem to all the clients, however, I don't know how to check the file on the client side? I been poking around in man pages for while, and can't find a library function in Openssl that checks wheather a particular certificate is revoke or not? I don't know if it's right under my nose, or i'm just lookin in the wrong section? Any help would be appreicated, because this has been bugging me for some time.

thanks,

djgerbavor3

Last edited by djgerbavore; 11-18-2005 at 09:59 AM.
 
Old 11-21-2005, 07:20 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,534
Blog Entries: 51

Rep: Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601
There's bound to be something in the docs about using CRL's (since you're basically your own CA) or using the OCSP protocol.

//Moderator note: this thread should go to the /Programming forum.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
curl error setting certificate verify locations polo76 Linux - Newbie 3 02-12-2008 06:08 PM
why can't i generate a new certificate with openssl? achouramira Linux - Security 1 04-28-2005 07:15 AM
OpenSSL + Apache certificate, how? The_Nerd Linux - Software 2 12-26-2004 09:18 PM
Thawte Certificate and OpenSSL jqcaducifer Linux - Security 5 10-16-2003 06:43 PM
Certificate with OpenSSL gr33ndata Linux - Security 3 10-03-2003 07:39 AM


All times are GMT -5. The time now is 03:03 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration