[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] handshaking gnuTLS 0.2.90
From: |
Nikos Mavroyanopoulos |
Subject: |
Re: [Help-gnutls] handshaking gnuTLS 0.2.90 |
Date: |
Thu, 13 Dec 2001 12:30:09 +0200 |
On 13 Dec 2001 10:41:47 +0100 Florent Jugla <address@hidden> wrote:
> In that case, the server knew a given CA, (let's call it ca1), but the
> certificate of the client was signed by another CA (ca2). When the
> client sent its certificate, this certificate was accepted by the
> server. Have I got to do a special check in the server implementation in
> order to verify that my server knows the CA the certificate of the
> client was signed with ?
You need to verify the given certificate (this is not automaticaly done
in the handshake). (the function is
gnutls_x509pki_get_peer_certificate_status()).
> ok, I tried to use the CVS version, but when I make the project, a file
> is missing (.ltconfig). Do you know what the problem is ?
It is not easy to compile cvs. Read doc/README.CVS
> Thank you
> Florent Jugla
--
Nikos Mavroyanopoulos
mailto:address@hidden