HP OpenVMS Systems Documentation

Content starts here
HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > Chapter 3 Using the Certificate Tool

Hash Certificate Revocations

 » Table of Contents

 » Index

This command is required to PEM-encode third-party certificate revocation lists (CRLs) and ones you create using the OpenSSL command line interface. The mod_ssl directives related to managing client revocation lists (SSLCARevocationPath and SSLCARevocationFile) require hashed CRL files.

To hash certificate revocations, perform the following steps:

  1. Install a trusted root CA's CRL file, or create your own using the OPENSSL CA command (using the OpenSSL command line interface).

  2. Enter the name of the path in which you have installed your CRL files. For example, if you installed CRL files for HP Secure Web Server, the location is APACHE$ROOT:[CONF.SSL_CRL]*.CRL.

  3. Press Return to hash the CRL files at the specified location.

    You can verify the existence of the hashed file in the directory you selected by entering the following command:

    $ DIR APACHE$SPECIFIC:[CONF.SSL_CRL]

    Directory APACHE$SPECIFIC:[CONF.SSL_CRL]

    AE0FEDEE.R0 CA-BUNDLE.CRL DELETE_HASH_FILES.COM

    Total of 3 files.