[gnutls-help] CTL generation
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Aug 11 13:30:17 CEST 2017
On Thu, Aug 10, 2017 at 5:13 PM, Gregory Sloop <gregs at sloop.net> wrote:
> I *think* I understand how to use certtool to generate a CRL - however,
> trying to get explicit confirmation.
> In the case where you have more than one revoked cert:
> Will it work to concatenate all the revoked certs into a single file and
> include all the certs with one --load-certificate
> file-of-concatenated-certs.pem ? [It sure looks that way, but just double
> checking.]
That's the idea. Note however that some old versions of certtool had a
cap on the file size they were reading, so they could choke on large
files and generate incomplete CRLs. If you use anything later than
3.3.18 you should be fine.
regards,
Nikos
More information about the Gnutls-help
mailing list