diff options
| author | Werner Koch <wk@gnupg.org> | 2023-06-19 14:25:47 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2023-06-19 14:25:47 +0200 |
| commit | b1ecc8353ae37e48b586a315a228bce964253ffe (patch) | |
| tree | eddda39a8d8f84a92d5a6a705a75c81cd70e2eae /doc/dirmngr.texi | |
| parent | gpgsm: Support SENDCERT_SKI for --call-dirmngr (diff) | |
| download | gnupg2-b1ecc8353ae37e48b586a315a228bce964253ffe.tar.xz gnupg2-b1ecc8353ae37e48b586a315a228bce964253ffe.zip | |
dirmngr: New option --ignore-crl-extensions.
* dirmngr/dirmngr.c (oIgnoreCRLExtension): New.
(opts): Add --ignore-crl-extension.
(parse_rereadable_options): Add to list/
* dirmngr/dirmngr.h (opt): Add ignored_crl_extensions.
* dirmngr/crlcache.c (crl_cache_insert): Implement option.
--
This option is is useful for debugging problems with new CRL
extensions. It is similar to --ignore-cert-extension.
GnuPG-bug-id: 6545
Diffstat (limited to '')
| -rw-r--r-- | doc/dirmngr.texi | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index f17c6206c..0bf35b72f 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -598,6 +598,15 @@ won't be rejected due to an unknown critical extension. Use this option with care because extensions are usually flagged as critical for a reason. +@item --ignore-crl-extension @var{oid} +@opindex ignore-crl-extension +Add @var{oid} to the list of ignored CRL extensions. The @var{oid} is +expected to be in dotted decimal form. Critical flagged CRL +extensions matching one of the OIDs in the list are treated as if they +are actually handled and thus the certificate won't be rejected due to +an unknown critical extension. Use this option with care because +extensions are usually flagged as critical for a reason. + @item --ignore-cert @var{fpr}|@var{file} @opindex ignore-cert Entirely ignore certificates with the fingerprint @var{fpr}. As an |