Collections:
Other Resources:
OpenSSL "ca -gencrl" - Generate CRL
How to generate a CRL using the OpenSSL "ca" command? I need to publish the CRL to inform users about certificates I have revoked.
✍: FYIcenter.com
If you want to generate a CRL (Certificate Revocation List), you can use the OpenSSL "ca -gencrl" command as shown below:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -gencrl -keyfile my_ca.key -cert my_ca.crt -out my_ca.crl Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg Enter pass phrase for my_ca.key:fyicenter OpenSSL>exit C:\Users\fyicenter>type my_ca.crl -----BEGIN X509 CRL----- MIIBnTCCAQYCAQEwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAlVTMQswCQYD VQQIDAJUWDENMAsGA1UEBwwEQ2l0eTEWMBQGA1UECgwNRllJY2VudGVyLmNvbTER MA8GA1UECwwIU2VjdXJpdHkxGjAYBgNVBAMMEUZZSWNlbnRlciBSb290IENBMSQw IgYJKoZIhvcNAQkBFhVyb290LWNhQGZ5aWNlbnRlci5jb20XDTE2MDkwMjE4MDQx OVoXDTE2MTAwMjE4MDQxOVowKjATAgIQABcNMTYwOTAxMDAzNDI2WjATAgIQAhcN MTYwOTAxMDE0MzQ2WqAPMA0wCwYDVR0UBAQCAhAAMA0GCSqGSIb3DQEBCwUAA4GB AJi8u8UZ23ygK/bZP4rMXOiFwcK+edwYZGa8or9U76j4yA7u7qlEg5VwzTn0FcEF FITl85awHJGehuTE3b3uCR/UtgFnR6OHFN6U+DsJbBrw8573ardp+a3dxRLbiVec DIPxvSpdHqAEe5Z3bcc9ZfEj2BueC0Q0q3dAUy0533JL -----END X509 CRL-----
Notes about the above test:
⇒ OpenSSL "crl -text" - View CRL in Test Format
2016-09-10, 13438🔥, 0💬
Popular Posts:
Certificate Summary: Subject: GeoTrust Primary Certification Authority - G3 Issuer: GeoTrust Primary...
How to convert a certificate file in DER (Distinguished Encoding Rules) format to PEM (Privacy Enhan...
Certificate Summary: Subject: sni.dreamhost.com Issuer: sni.dreamhost.com Expiration: 2025-08-08 18:...
How to manage certificates in Mozilla Firefox 47 browser? Where is the Certificate Manager in Mozill...
How to export a certificate from a certificate store into a certificate file with Microsoft "certuti...