[gnutls-devel] Revoked certificate count in CRL is capped at 34

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Aug 13 11:32:25 CEST 2015

On Thu, Aug 13, 2015 at 11:07 AM, Zsolt Horvath <zsolt.horvath at skype.net> wrote:
> Hi Nikos,
> Thanks for the prompt reply, really appreciate your looking into this.
> Is there another way to create CRLs with certtool then that wouldn’t require
> revoking all certs at once? Somehow taking an existing CRL as base and add
> only a handful certs each time?

Not that I know of. certtool is very primitive in CRL handling. But
that allows for a nice optimization though. --generate-crl could use
the --load-crl if set and use that as base for the new CRL to be

The patch set for 3.4 is at:


More information about the Gnutls-devel mailing list