[Help-gnutls] Re: Certs directory for peer certificate validation

Albert Chin help-gnutls at mlists.thewrittenword.com
Mon May 15 16:46:00 CEST 2006

On Mon, May 15, 2006 at 02:05:45PM +0200, Simon Josefsson wrote:
> Albert Chin <help-gnutls at mlists.thewrittenword.com> writes:
> > OpenSSL has a directory and path for certificates in PEM format used
> > to verify a peer certificate (i.e. CAfile and CApath). Does GnuTLS
> > have similar functionality?
> GnuTLS does not support reading all files in a directory, but it
> supports reading CA certificates in PEM format from a file, see
> gnutls_certificate_set_x509_trust_file().  You'll call
> gnutls_certificate_verify_peers2() to use it.

Is there a default CA certificate file or do all clients need to call

albert chin (china at thewrittenword.com)

More information about the Gnutls-help mailing list