[Help-gnutls] CRLs and gnutls_certificate_set_x509_crl_file

Rich Fought whatever at fsrz.net
Tue Apr 25 17:30:46 CEST 2006

Does the function


do any sort of checking whatsoever on the CRL file?  The documentation 
implies that the CRL should be verified beforehand, but I'm not sure
what this means.  I know for sure that it does not check dates; does it 
check the CRL's signature against the loaded root CA cert?

If not, does the API provide a way to extract the loaded CRL from the 
credentials structure and do the checking?  Or is a separate deal?


More information about the Gnutls-help mailing list