 |
 |
To the best of my knowledge, there's O(10) certificates that use DigiCert Grid CA in the US as most universities have an InCommon CA subscription. These are all host certificate so I'm fairly certain there's minimal risk to do a workaround here. To avoid dropping it when the OpenSSL backend is in use, what if we simply sort any CRL with this particular OID set as critical to the of the list around here: https://github.com/xrootd/xrootd/blob/master/src/XrdTls/XrdTlsTempCA.cc#L188 I've got no interest in trying to redistribute system libraries... especially considering the enormous patch sets that RHEL runs on these. -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/2065#issuecomment-1684316408 You are receiving this because you are subscribed to this thread. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1