Re: Loading CRL to Client

2006-01-13 Thread am0ykam0te (sent by Nabble.com) 

I tried using these 3 code snippets but my client still accepts the server certificate I included in the CRL.BTW Im using OpenSSL 0.9.6h

pStore = SSL_CTX_get_cert_store(ctx);
pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file());
ret = X509_load_cert_crl_file(pLookup,clientCRL,X509_FILETYPE_PEM);

pStore = SSL_CTX_get_cert_store(ctx);
crl = d2i_X509_CRL_fp(fCRL,NULL);
ret = X509_STORE_add_crl(pStore, crl);

pStore = SSL_CTX_get_cert_store(ctx);
pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file());
ret = X509_load_crl_file( pLookup, clientCRL,X509_FILETYPE_PEM);


View this message in context: Re: Loading CRL to Client
Sent from the OpenSSL - Dev forum at Nabble.com.

Re: Loading CRL to Client

2006-01-13 Thread Rajeshwar Singh Jenwar 

On 1/13/06, am0ykam0te (sent by Nabble.com) [EMAIL PROTECTED] wrote:
my version of openssl does not have the constant flags you included.. (X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL).. 


View this message in context: Re: Loading CRL to ClientSent from the 
OpenSSL - Dev forum at 
Nabble.com. 

Can u show me the full code ?

Re: Loading CRL to Client

2006-01-13 Thread am0ykam0te (sent by Nabble.com) 

My App wont compile because the constants(flags) are not declared in my version of OpenSSL . (0.9.6h)

View this message in context: Re: Loading CRL to Client
Sent from the OpenSSL - Dev forum at Nabble.com.

Re: Loading CRL to Client

2006-01-13 Thread Dr. Stephen Henson 
On Fri, Jan 13, 2006, am0ykam0te (sent by Nabble.com) wrote:

 
 My App wont compile because the constants(flags) are not declared in my 
 version of OpenSSL . (0.9.6h)


CRL checking is not support in OpenSSL 0.9.6 you need 0.9.7 at least.

This should also be in openssl-users.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Loading CRL to Client

2006-01-12 Thread am0ykam0te (sent by Nabble.com) 

Can any body tell me API's on loading crl's on a client.

View this message in context: Loading CRL to Client
Sent from the OpenSSL - Dev forum at Nabble.com.