oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

One more crl-sign example.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20873 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-06-03 21:54:06 +00:00
parent 03161c046c
commit 94affdf316
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
doc/hx509.texi
View File

@@ -465,9 +465,20 @@ Windows, so you have to deal with this somehow.
@node Issuing CRLs, Application requirements, Issuing certificates, Top @node Issuing CRLs, Application requirements, Issuing certificates, Top
@section Issuing CRLs @section Issuing CRLs
Create an empty CRL with not certificates revoked. Default expiration
value is one year from now.
@example @example
hxtool crl-sign --crl-file=crl.der --signer=FILE:ca.pem hxtool crl-sign --crl-file=crl.der --signer=FILE:ca.pem
cp crl.der /path/to/published/uri @end example
Create a CRL with all certificates in the directory
@file{/path/to/revoked/dir} included in the CRL as revoked. Also make
it expire one month from now.
@example
hxtool crl-sign --crl-file=crl.der --signer=FILE:ca.pem \
--lifetime='1 month' DIR:/path/to/revoked/dir
@end example @end example
@node Application requirements, CMS signing and encryption, Issuing CRLs, Top @node Application requirements, CMS signing and encryption, Issuing CRLs, Top