skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 2:... HP Open Source Security for OpenVMS Volume 2:...
go to beginning of chapter: Using the Certificate Tool Using the Certificate Tool
go to previous page: Hash Certificates Hash Certificates
go to next page: SSL Programming ConceptsSSL Programming Concepts
end of book navigation links

Hash Certificate Revocations 



This command is required to PEM-encode third-party certificate revocation lists (CRLs) and ones you create using the OpenSSL command line interface. The mod_ssl directives related to managing client revocation lists (SSLCARevocationPath and SSLCARevocationFile) require hashed CRL files.

To hash certificate revocations, perform the following steps:

  1. Install a trusted root CA's CRL file, or create your own using the OPENSSL CA command (using the OpenSSL command line interface).

  2. Enter the name of the path in which you have installed your CRL files. For example, if you installed CRL files for HP Secure Web Server, the location is APACHE$ROOT:[CONF.SSL_CRL]*.CRL.

  3. Press Return to hash the CRL files at the specified location.

    You can verify the existence of the hashed file in the directory you selected by entering the following command:

    $ DIR APACHE$SPECIFIC:[CONF.SSL_CRL]

    Directory APACHE$SPECIFIC:[CONF.SSL_CRL]

    AE0FEDEE.R0 CA-BUNDLE.CRL DELETE_HASH_FILES.COM

    Total of 3 files.
go to previous page: Hash Certificates Hash Certificates
go to next page: SSL Programming ConceptsSSL Programming Concepts