[Pki-users] CRL Distribution point
Fraser Tweedale
ftweedal at redhat.com
Mon Jan 4 01:10:16 UTC 2016
On Wed, Dec 23, 2015 at 12:23:01PM +0000, Sam Elliott wrote:
> Hi,
>
> I maybe missing something here, but I have configured CRL distribution
> point within the certificate profile, and this shows up within generated
> certificates, but when I setup the CRL issuing distribution point it
> doesn't seem to have any affect.
>
> I have enabled it, configured pointType to DirectoryName and then pointName
> to crl/master.crl, after revoking some certs I try downloading the CRL but
> get a 404, not sure if I am missing something with the configuration?
>
> Regards,
> Sam
>
Hi Sam,
"DirectoryName" is for an X.500 distinguished name (i.e. an LDAP DN
where the CRL can be found according to RFC 4523 schema).
If you want HTTP access use "URIName" and the apprpriate HTTP URI.
If you need more assistance please show the relevant part of your
profile config.
Cheers,
Fraser
More information about the Pki-users
mailing list