[gnutls-devel] Revoked certificate count in CRL is capped at 34
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Aug 13 11:32:25 CEST 2015
On Thu, Aug 13, 2015 at 11:07 AM, Zsolt Horvath <zsolt.horvath at skype.net> wrote:
> Hi Nikos,
> Thanks for the prompt reply, really appreciate your looking into this.
> Is there another way to create CRLs with certtool then that wouldn’t require
> revoking all certs at once? Somehow taking an existing CRL as base and add
> only a handful certs each time?
Not that I know of. certtool is very primitive in CRL handling. But
that allows for a nice optimization though. --generate-crl could use
the --load-crl if set and use that as base for the new CRL to be
generated.
The patch set for 3.4 is at:
https://gitlab.com/gnutls/gnutls/compare/50244178cd47f01aa9f3b65c082a992166d140ca...ece060599637990bbaef132f4104d1bd53fb656c
regards,
Nikos
More information about the Gnutls-devel
mailing list