NAME

delta-crl.t - Make a delta CRL as per RFC3280 section 5.2.4

DESCRIPTION

This test walks the reader through using Crypt::OpenSSL::CA to issue a delta CRL. The resulting delta CRL will be compatible with the CRL created by crlv2.t in the same directory.

TEST DATA

CA private key and certificate

Provided by Crypt::OpenSSL::CA::Test. See make-x509-cert.t for details.

Issuer coordinates

Global CRL settings

See details in crlv2.t

Additionally, this CRL is marked as a delta CRL whose base CRL is the one issued by crlv2.t . The corresponding extension is critical, as per RFC3280 section 5.2.4.

Revoked Certificates List

We add a revoked certificate to the CRL, and remove the hold instruction from certificate 0x42.

All done

Now we just have to sign the CRL.

CHECKING THE RESULT

In order for this test to succeed, the various decorations we set up for the CRL must show up in openssl crl or dumpasn1.

To install Crypt::OpenSSL::CA, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::OpenSSL::CA

CPAN shell

perl -MCPAN -e shell
install Crypt::OpenSSL::CA

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)