-
Enhancement
-
Resolution: Fixed
-
P3
-
1.2.2, 1.4.2
-
b13
-
generic
-
generic
Currently, we do not support the CRLDistributionPoint extension. This means that CRLs must be provided via manually configured CertStores. We should see if can add basic support for the CRLDP extension soon.
This could mean:
. support download via HTTP, etc but not LDAP
. reasonflags must be absent
. CRLissuer must be absent or equal to the certificate issuer
If implemented in this way, the effort should be small and no changes should be required to our CRLRevocationChecker. The code should be improved to be more complete in a future release.
This could mean:
. support download via HTTP, etc but not LDAP
. reasonflags must be absent
. CRLissuer must be absent or equal to the certificate issuer
If implemented in this way, the effort should be small and no changes should be required to our CRLRevocationChecker. The code should be improved to be more complete in a future release.
- duplicates
-
-
- Closed
-
- relates to
-
-
- Resolved
-