Hello,
I have been searching quite a bit lately but I can't find a way to get yum to fetch a CRL or do OCSP. I have the CDP set in the remote server certificate and I have verified that the crl is reachable.
Any advice would help.
Thank you
YUM revocation check
Re: YUM revocation check
Yum/rpm uses curl to fetch rpms (iirc). Yum/rpm itself doesn't care if the transport is secure or whatever. Downloaded rpms are checked with an rpm gpg key.
Re: YUM revocation check
As yum completely ignores the expiry of the keys used to sign packages, I don't think it cares about certificate revocation either.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 2
- Joined: 2019/08/16 14:20:19
Re: YUM revocation check
ok, thank you to both of you for the responses.