Openssl revoke cert doesn’t update database

Çağlar Arlı

I'm trying to revoke a self-made cert I generated using openssl, but my index database doesn't get updated when I run the revoke command. In my cwd, I have a folder 'demoCA' which has 4 files: index.txt, index.txt.attr, serial, and crlnumber. All are blank except crlnumber, which has "01" (without quotes) on the 1st line. My cwd has ca.key, ca.pem, and client.pem. When I run

openssl ca -name CA_default -revoke client.pem -keyfile ca.key -cert ca.pem

It prompts me for the password, which I enter successfully, and the program exits without any output. When I check demoCA, nothing has changed. I'm expecting backups of the old index files to have been created and new index files with the database entries for the revocation to have been created. Why doesn't it revoke the cert?
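
An added example, not part of the original question: a small shell check of what demoCA/index.txt records for a given serial, since a completed revocation appears there as a line starting with "R". The function names index_status and make_sample_index are hypothetical, and the sample database lines are constructed for illustration.

```shell
#!/bin/sh
# index.txt is tab-separated, one certificate per line:
#   status (V/R/E), expiry, revocation time[,reason], serial (hex),
#   file name (usually "unknown"), subject DN.
# The serial of a certificate can be read with:
#   openssl x509 -noout -serial -in client.pem    (prints serial=<HEX>)

# Usage: index_status INDEX_FILE SERIAL_HEX
# Prints: valid | revoked <time[,reason]> | expired | absent
index_status() {
    awk -F '\t' -v want="$(printf '%s' "$2" | tr 'a-f' 'A-F')" '
        toupper($4) == want {
            if ($1 == "V") print "valid"
            else if ($1 == "R") print "revoked " $3
            else if ($1 == "E") print "expired"
            found = 1
            exit
        }
        # An empty database, as described in the question, ends up here.
        END { if (!found) print "absent" }
    ' "$1"
}

# Constructed sample database: two valid entries and one revoked entry.
make_sample_index() {
    {
        printf 'V\t350101000000Z\t\t1000\tunknown\t/CN=client\n'
        printf 'R\t350101000000Z\t240601120000Z,keyCompromise\t1001\tunknown\t/CN=old-client\n'
        printf 'V\t350101000000Z\t\t0A\tunknown\t/CN=other\n'
    } > "$1"
}

# Demo run against the constructed sample.
demo_index=$(mktemp)
make_sample_index "$demo_index"
for s in 1000 1001 0a 2000; do
    printf '%s: %s\n' "$s" "$(index_status "$demo_index" "$s")"
done
rm -f "$demo_index"
```

Run against the real database as index_status demoCA/index.txt <SERIAL>; "absent" means no line for that serial was written.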