On Wed, Sep 01, 2004, chiba4mail wrote:

> Hi,
> I'd like to verify a certificate chain with crl check.
> 
> This is the scenario:
> 
> A->B->C->D(end user)
> 
> a rootCA (A) signed a certificate for an other CA (B)
> that signed a certificate for a third CA (C).
> The last CA (C) signed an user certificate (D) used
> for
> authentication. Each CA has own crl, so I have 3
> different crl files.
> 
> How can I verify the chain and the revocation status
> using three crl files?
> I used X509_verify_cert(X509_STORE_CTX *) function,
> but
> how can I import in the context more than one crl
> file?
> 

Erm by calling X509_STORE_add_crl() multiple times...

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to