cfssl icon indicating copy to clipboard operation
cfssl copied to clipboard

Published 20 hours ago verified publisher icon cloudflare

Generate RFC 5280 conformant X.509 v2 CRL

Open ArchangelSDY opened this issue 1 year ago • 0 comments

According to official doc, CreateCRL is not RFC 5280 conformant and should be deprecated. This PR replaces it with new API, as well as adds an optional parameter for CRL number when generating CRL.

  • Replace CreateCRL with CreateRevocationList.
  • Replace ParseCRL with ParseRevocationList.
  • Replace ca.pem in testdata with a new one that includes cRLSign key usage.
  • Add an optional parameter to specify CRL number in crl and gencrl.

ArchangelSDY avatar Sep 30 '24 13:09 ArchangelSDY