I am configuring my Apache Server to enable checking CA Revocation List, and my Configuration lists as following :
Code:
SSLCARevocationFile /etc/httpd/confi.d/ssl.crt/CRL1.crl
But the server can not start, and the log says:
Code:
Unable to configure X.509 Storage for certificate
If I try this command to view content of my CRL file :
Code:
openssl crl -text -in CRL1.crl -noout
the console shows :
Code:
error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib:647:Expecting: X509 CRL
I think there is something wrong with my CRL file, such as the file format.Is there any requirement to the CRL file? What can I do to enable this CRL file checking?
Any hints will be highly appreciated.
Thanks in advance.