Checking CA expiration

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Checking CA expiration

From:	Michael Welsh Duggan
Subject:	Checking CA expiration
Date:	Wed, 19 Oct 2011 14:30:44 -0400
User-agent:	Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux)

In our code, we add CAs to our credentials using
gnutls_set_x509_trust_file.  In gnutls 2.x, we then get a list of the
CAs using gnutls_certificate_get_x509_cas which we then use to verify
that at least one of the CAs has not yet expired.  We want to do this
_before_ initiating a session.

Is this possible in gnutls 3.x?  gnutls_certificate_get_x509_cas has
gone away, supposedly in favor of gnutls_certificate_get_issuer(), but
that requires an existing session.

-- 
Michael Welsh Duggan
(address@hidden)

[Prev in Thread]

Current Thread

[Next in Thread]

Checking CA expiration, Michael Welsh Duggan <=
- Re: Checking CA expiration, Nikos Mavrogiannopoulos, 2011/10/20
  - Re: Checking CA expiration, Michael Welsh Duggan, 2011/10/20

Prev by Date: Re: GCM Implementation and TLSCompressed.Length
Next by Date: Re: Checking CA expiration
Previous by thread: GCM Implementation and TLSCompressed.Length
Next by thread: Re: Checking CA expiration
Index(es):
- Date
- Thread