Dear all:

I am new in openssl. I have some questions regarding to 'CRL Distribution
Points extension'. I did read the RFC. but it makes me more confused. :-(.

a) a certificate has one and only one 'CRL Distribution Points extension'.
What's configured in this extension is one CRL or multiple CRL(s)?

b) the extension can have multiple CDP(s). Can each CDP have multiple

c) a CDP has 3 optional fields distributionPoint, reasons, and cRLIssuer.
What is used to separate those fields? a comma?

Thanks and looking forward to any reply.

View this message in context:
Sent from the OpenSSL - User mailing list archive at

__________________________________________________ ____________________
OpenSSL Project
User Support Mailing List
Automated List Manager