[Help-gnutls] Re: Certs directory for peer certificate validation
Albert Chin
help-gnutls at mlists.thewrittenword.com
Mon May 15 16:46:00 CEST 2006
On Mon, May 15, 2006 at 02:05:45PM +0200, Simon Josefsson wrote:
> Albert Chin <help-gnutls at mlists.thewrittenword.com> writes:
>
> > OpenSSL has a directory and path for certificates in PEM format used
> > to verify a peer certificate (i.e. CAfile and CApath). Does GnuTLS
> > have similar functionality?
>
> GnuTLS does not support reading all files in a directory, but it
> supports reading CA certificates in PEM format from a file, see
> gnutls_certificate_set_x509_trust_file(). You'll call
> gnutls_certificate_verify_peers2() to use it.
Is there a default CA certificate file or do all clients need to call
gnutls_certificate_set_x509_trust_file()?
--
albert chin (china at thewrittenword.com)
More information about the Gnutls-help
mailing list