can we revoke a client certificate by serial (we are using mutual authentication)?
we tried revoking a certificate using the certificate file but the revocation date is not set to the current date . it is set after 3 hours or so. can anybody explain the reason for that and the way to make the revocation date as the current date.
here is the command that we used to revoke the certificate
openssl ca -revoke /root/lolo.crt -config Certificates/openssl.cnf.my -keyfile /home/testCa/serverCA.key -cert /home/testCa/serverCA.crt
here is the command to generate the crl file
openssl ca -gencrl -out /home/testCa/serverCA.crl -config Certificates/openssl.cnf.my -cert /home/testCa/serverCA.crt -keyfile /home/testCa/serverCA.key
and then we view the crl file
openssl crl -in /home/testCa/serverCA.crl -noout -text