[openssl-users] Should I / How to remove expired certificates from CRL

Wouter Verhelst wouter.verhelst at fedict.be
Thu Feb 9 11:40:49 UTC 2017

Previous message: [openssl-users] Should I / How to remove expired certificates from CRL
Next message: [openssl-users] Should I / How to remove expired certificates from CRL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09-02-17 10:58, PM Extra wrote:
> Should I remove expired certificates from CRL？

No. The date of the revocation, which can be found in the CRL, is still 
relevant for checking when older certificates were revoked, in case you 
ever need to check signatures on older messages.

-- 
Wouter Verhelst

Previous message: [openssl-users] Should I / How to remove expired certificates from CRL
Next message: [openssl-users] Should I / How to remove expired certificates from CRL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-users mailing list