[Help-gnutls] How to check if a certificate is revoked
Martin Lambers
marlam at marlam.de
Wed May 28 22:01:03 CEST 2008
Hi all,
how do I check if a certificate is revoked?
I created a test CA, signed a certificate, revoked it, and created a CRL
file with this information.
Then I use gnutls_certificate_set_x509_crl_file() in the client program
to set the CRL file. The function returns 1, as expected.
After calling gnutls_certificate_verify_peers2(), I check if the status
contains GNUTLS_CERT_REVOKED, but this is not the case.
Neither openssl s_client nor gnutls-cli seem to support CRL files, so I
was not able to double check that my test setup is correct.
Martin
More information about the Gnutls-help
mailing list