Claws Mail uses GnuTLS...

Colin Leroy colin at colino.net
Fri Oct 10 16:18:26 CEST 2008


... with only one little problem.

I've mailed about that a while ago, and am wondering whether any
progress has been made:

http://www.nabble.com/libgnutls:-Verifying-certificate-chains,-disconnected-td13269707.html

We save the certificate in DER form, so we're able to check whether it
changed, and also able to show it from a list of saved certificates,
like this:

http://colino.net/tmp/offline_cert_check.png

The problem is that in this case, we can't get the signature status. 

It would be very nice to have this issue solved.

The API could look like

gnutls_x509_crt cert_to_check = ...;
gnutls_certificate_credentials_t xcred;

gnutls_certificate_set_x509_trust_file(xcred,
	"/etc/ssl/ca-certificates/ca-bundle.crt",  
	GNUTLS_X509_FMT_PEM);

gnutls_certificate_verify_crt(cert_to_check, xcred);

-- 
Colin





More information about the Gnutls-devel mailing list