add Certificate Revocation List（crl）

[polaris-alioth]

redis can use tls, but there is no CRL interface. lack of ability to revoke certificates.

[yossigo]

@polaris-alioth I support certificate revocation checking, but I'm not sure simply accepting a CRL file is enough to be usable by most users. Who's going to update the file? What are users expected to do when different certs have different CRLs?

[zuiderkwast]

Perhaps we should aim at supporting OCSP stapling?

I don't mind we also support crl since it's simple and it doesn't require anyting special from the clients.

[polaris-alioth]

I think crl is an optional feature that users can choose to turn on. the person who enables this capability can update it. I also think crl is relatively simple and use friendly.

What are users expected to do when different certs have different CRLs?

I ignored this before. I'll make adjustments soon.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}