[gnutls-help] About CRL "next update" field presence

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Dec 7 09:06:30 CET 2016


On Tue, Dec 6, 2016 at 11:16 PM, Adrien Béraud
<adrien.beraud at savoirfairelinux.com> wrote:
> In the documentation about gnutls_x509_crl_get_next_update:
> "This field is optional in a CRL so it might be normal to get an error
> instead. "
>
> However trying to sign a new CRL without previously calling
> gnutls_x509_crl_set_next_update()
> results in an "ASN1 parser: Value was not found." error.
> Not sure if this behavior is a bug, but it's unexpected for sure.

It can be seen as a bug if we want to support generating CRLs without
this field. As it is now it is not possible to omit this field on CRLs
generated by gnutls as far as I understand.

regards,
Nikos



More information about the Gnutls-help mailing list