Henrik,
Second, the only way out to the internet is through another proxy (I think a Microsoft ISA server). How can I tell Squid (or OpenSSL) to use this proxy for outgoing CA and CRL verification requests.
Squid does not automatically fetch CRL lists. You have to set up this manually, and install the CRLs in a directory found by openssl.
Hmm.. we really should add a config option to specify the directory.
I thought that the "crlfile" options handled that ... At least that's how I configured my SSL reverse proxy
Cheers Bert
