0

My Apache-based application running on my VPS has recently stopped serving SSL transactions.

I am getting errors like the following in the error_log: 

[Tue Aug 24 12:39:00 2010] [warn] Found CRL is expired - revoking all certificates until you get updated CRL
[Tue Aug 24 12:39:00 2010] [error] Certificate Verification: Error (12): CRL has expired

Has anyone had this issue and know of a way of updating the CRLs?

System vitals: Ubuntu 8 Linux 2.6.18-028 Apache 2.2.8 OpenSSL 0.9.8g

1 Answers1

1

False alarm. I had created my own revocation list with openssl which I was using for client authentication and this had expired.

For anyone who is interested there is some great advice on implementing certificate based access control for your sites at:

http://it.toolbox.com/blogs/securitymonkey/howto-securing-a-website-with-client-ssl-certificates-11500

Just make sure your .crl does not expire ;-)