[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Checking CA expiration
From: |
Michael Welsh Duggan |
Subject: |
Checking CA expiration |
Date: |
Wed, 19 Oct 2011 14:30:44 -0400 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux) |
In our code, we add CAs to our credentials using
gnutls_set_x509_trust_file. In gnutls 2.x, we then get a list of the
CAs using gnutls_certificate_get_x509_cas which we then use to verify
that at least one of the CAs has not yet expired. We want to do this
_before_ initiating a session.
Is this possible in gnutls 3.x? gnutls_certificate_get_x509_cas has
gone away, supposedly in favor of gnutls_certificate_get_issuer(), but
that requires an existing session.
--
Michael Welsh Duggan
(address@hidden)
- Checking CA expiration,
Michael Welsh Duggan <=