Simple blob about publishing CRLs.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20836 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -171,32 +171,6 @@ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
||||
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
@copynext
|
||||
|
||||
Copyright (c) 2005 Doug Rabson
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
SUCH DAMAGE.
|
||||
|
||||
@copyrightend
|
||||
@end titlepage
|
||||
|
||||
@@ -238,6 +212,7 @@ Setting up a CA
|
||||
@c * Issuing certificates::
|
||||
* Creating a CA certificate::
|
||||
* Issuing certificates::
|
||||
* Issuing CRLs::
|
||||
@c * Issuing a proxy certificate::
|
||||
@c * Creating a user certificate::
|
||||
@c * Validating a certificate::
|
||||
@@ -450,7 +425,7 @@ hxtool issue-certificate \
|
||||
@end example
|
||||
|
||||
|
||||
@node Issuing certificates, Application requirements, Creating a CA certificate, Top
|
||||
@node Issuing certificates, Issuing CRLs, Creating a CA certificate, Top
|
||||
@section Issuing certificates
|
||||
|
||||
First you'll create a CA certificate, after that you have to deal with
|
||||
@@ -487,7 +462,15 @@ The main reason you as a CA administrator have to deal with CRLs however
|
||||
will be that some software require there to be CRLs. Example of this is
|
||||
Windows, so you have to deal with this somehow.
|
||||
|
||||
@node Application requirements, CMS signing and encryption, Issuing certificates, Top
|
||||
@node Issuing CRLs, Application requirements, Issuing certificates, Top
|
||||
@section Issuing CRLs
|
||||
|
||||
@example
|
||||
hxtool crl-sign --crl-file=crl.der --signer=FILE:ca.pem
|
||||
cp crl.der /path/to/published/uri
|
||||
@end example
|
||||
|
||||
@node Application requirements, CMS signing and encryption, Issuing CRLs, Top
|
||||
@section Application requirements
|
||||
|
||||
Application have different requirements on certificates. This section
|
||||
|
||||
Reference in New Issue
Block a user