Revamp CRL checking for client and remote servers:
- completely delegate CRL processing to OpenSSL - introduce a new [Proxy]CARevocationCheck directive - drop ssl_callback_SSLVerify_CRL from ssl_engine_kernel.c - remove X509_STORE from modssl_ctx_t - drop CRL store helper functions from ssl_util_ssl.c - avoid sending "certificate_expired" SSL alerts to peers when the nextUpdate field of a CRL is in the past git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1165056 13f79535-47bb-0310-9956-ffa450edef68
Please register or sign in to comment