Remove old certificates from Revocation Index

Started by pingus, September 03, 2024, 11:11:31 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 03, 2024, 11:11:31 AM
Hi

I have about 10 old certificates listed in Trust -> Revocation Index. They all have no CRL Name. If I want to add a CRL Name I get the following errors:

Certificate does not seem to exist
or
Cert revocation error: CA certificate invalid: invalid date

If I want to add the CRL to the haproxy and run the systax test I get the following:

[NOTICE] (78607) : haproxy version is 2.8.10-f28885f
[NOTICE] (78607) : path to executable is /usr/local/sbin/haproxy
[ALERT] (78607) : config : Couldn't open the ca-file '/tmp/haproxy/ssl/66d6c087b4b4f5.93264053.crllist' (no certificate or crl found).
[ALERT] (78607) : config : parsing [/usr/local/etc/haproxy.conf.staging:166] : 'bind *:4443' in section 'frontend' : 'crl-file' : unable to load /tmp/haproxy/ssl/66d6c087b4b4f5.93264053.crllist
[ALERT] (78607) : config : Error(s) found in configuration file : /usr/local/etc/haproxy.conf.staging
[ALERT] (78607) : config : Fatal errors found in configuration.

How can I remove those entries and start with a clean revocation list?

Print
Go Up Pages1
User actions