On 04/14/2010 02:58 PM, huican wrote: > Hello, > > I am new to NSS crypto, I just wonder whether there is any easy way to > use my own crl_callback function for CRL check. > No, there isn't a callback, there is a verify function that allows you to control just about every possible semantic of revocation checking. In that case you can turn off CRL checking all together, and do your CRL check later by hand. > I have a situation that some other process downloaded/parsed the CRLs > into a shared memory (so not in NSS DB) already, also FYI that shared > memory is a hashtable which stores the CRL's Revoke_reason while the > key is based on the CRL's issername + something else, (so there is no > real CRL file there). > > I can attach to that hashtable and get the reason string if I know the > issueDN and serialNumber. > > I am using the mozilla-ldap-c-sdk from above level, and can I set my > own crl callback function there? > unfortunately mozilla-ldap-c-sdk doesn't use that interface;(.
bob > Thanks >
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
