On Wed, Sep 01, 2004, chiba4mail wrote: > Hi, > I'd like to verify a certificate chain with crl check. > > This is the scenario: > > A->B->C->D(end user) > > a rootCA (A) signed a certificate for an other CA (B) > that signed a certificate for a third CA (C). > The last CA (C) signed an user certificate (D) used > for > authentication. Each CA has own crl, so I have 3 > different crl files. > > How can I verify the chain and the revocation status > using three crl files? > I used X509_verify_cert(X509_STORE_CTX *) function, > but > how can I import in the context more than one crl > file? >
Erm by calling X509_STORE_add_crl() multiple times... Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]