[Help-gnutls] handshaking gnuTLS 0.2.90

Nikos Mavroyanopoulos nmav at hellug.gr
Thu Dec 13 11:30:09 CET 2001

On 13 Dec 2001 10:41:47 +0100 Florent Jugla <fjugla at easter-eggs.com> wrote:

> In that case, the server knew a given CA, (let's call it ca1), but the
> certificate of the client was signed by another CA (ca2). When the
> client sent its certificate, this certificate was accepted by the
> server. Have I got to do a special check in the server implementation in
> order to verify that my server knows the CA the certificate of the
> client was signed with ?
You need to verify the given certificate (this is not automaticaly done
in the handshake). (the function is gnutls_x509pki_get_peer_certificate_status()).

> ok, I tried to use the CVS version, but when I make the project, a file
> is missing (.ltconfig). Do you know what the problem is ?
It is not easy to compile cvs. Read doc/README.CVS

> Thank you
> Florent Jugla

Nikos Mavroyanopoulos
mailto:nmav at hellug.gr

More information about the Gnutls-help mailing list