Hi, I came across this yesterday, but I haven't been able to come up with an explanation: Why do some certificates (for lack of a better word) come without revocation lists ? (No obvious errors in fetch-crl.) And how can it be that for some certificates I (and not just me...) have no revocation lists on almost all of my machines, *except* my EMI2 CE ? e.g. EMI1 [root@ceprod05 certificates]# ls -l 58b08* lrwxrwxrwx 1 root root 10 Sep 26 05:22 58b08cb5.0 -> MYIFAM.pem lrwxrwxrwx 1 root root 17 Sep 26 05:22 58b08cb5.namespaces -> MYIFAM.namespaces lrwxrwxrwx 1 root root 21 Sep 26 05:22 58b08cb5.signing_policy -> MYIFAM.signing_policy EMI2: [root@ceprod08 certificates]# ls -l 58b08* lrwxrwxrwx. 1 root root 10 Sep 25 12:08 58b08cb5.0 -> MYIFAM.pem lrwxrwxrwx. 1 root root 17 Sep 25 12:08 58b08cb5.namespaces -> MYIFAM.namespaces -rw-r--r--. 1 root root 1258 Oct 3 06:45 58b08cb5.r0 lrwxrwxrwx. 1 root root 21 Sep 25 12:08 58b08cb5.signing_policy -> MYIFAM.signing_policy Note that both directories contain plenty of fresh revocation lists and are both up to version 1.50-1 Cheers, Daniela -- Sent from the pit of despair ----------------------------------------------------------- [log in to unmask] HEP Group/Physics Dep Imperial College Tel: +44-(0)20-75947810 http://www.hep.ph.ic.ac.uk/~dbauer/