kathleen95...@yahoo.com wrote, On 2009-02-25 10:39: > In regards to the CRLS > http://fedir.comsign.co.il/crl/ComSignCA.crl > http://fedir.comsign.co.il/crl/ComSignSecuredCA.crl > > I have just tried the two CRL’s again, and see that the error is > indeed ffffe009 which corresponds to error code -8183 which would be > “Security library: improperly formatted DER-encoded message.” As per > http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html > > The likely issue is that the CRLs are encoded PEM and need to be > changed to DER.
Yes, that's exactly the problem. CRLs must be sent as raw binary DER, not PEM. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
