Hi all, I've already asked here about similar thing before, but as things got a little clearer now (I've read through a load of docs and code...), I guess I can formulate my question a little better now.
My problem is, roughly, this: - I got some CA certificates loaded in the memory (say, in STACK_OF(X509)) - I also have some CRLs loaded in the memory (similarly in STACK_OF(X509_CRL)) - I have a SSL_CTX (which is supposed to create SSLs to handle connections) - I want the incoming certificate to be verified so: a] it's signed by one of CA's from my CA stack (main problem) b] it's not CRL'ed by any of CRLs loaded. After a week of googling I've not been able to find a simple solution to do that, nor a similar code which would do. Could anyone point out a simple set of functions or correct openSSL API layer to do this? Thanks in advance, Mirek Kratochvil ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
