Publishing CRL information

After creating the CRLs, you must publish them to be accessed by all.

  1. Stop the Apache service using service apache2 stop.
  2. Create a CertEnroll directory for the CRL in the /var/www/openxpki/ directory.
  3. Set openxpki as the owner of this directory, and then configure the permissions to let Apache read and execute, and other services to read only.
    • chown openxpki /var/www/openxpki/CertEnroll
    • chmod 755 /var/www/openxpki/CertEnroll
  4. Add a reference to the Apache alias.conf file using nano /etc/apache2/mods-enabled/alias.conf.
  5. After the <Directory "/usr/share/apache2/icons"> section, add the following: 
            	Alias /CertEnroll/ "/var/www/openxpki/CertEnroll/"
         	<Directory "/var/www/openxpki/CertEnroll">
               Options FollowSymlinks
               AllowOverride None
               Require all granted
         	</Directory>
  6. Add a reference in the apache2.conf file using nano /etc/apache2/apache2.conf.
  7. Add the following in the Apache2 HTTPD server section: 
             	<Directory /var/www/openxpki/CertEnroll>
               Options FollowSymlinks
               AllowOverride None
               Allow from all
         	</Directory>
  8. Start the Apache service using service apache2 start.