[Help-gnutls] CRLs and gnutls_certificate_set_x509_crl_file
Rich Fought
whatever at fsrz.net
Tue Apr 25 17:30:46 CEST 2006
Does the function
gnutls_certificate_set_x509_crl_file
do any sort of checking whatsoever on the CRL file? The documentation
implies that the CRL should be verified beforehand, but I'm not sure
what this means. I know for sure that it does not check dates; does it
check the CRL's signature against the loaded root CA cert?
If not, does the API provide a way to extract the loaded CRL from the
credentials structure and do the checking? Or is a separate deal?
Regards,
Rich
More information about the Gnutls-help
mailing list