Tat Sing Kong wrote: > > Hello, > > I am looking at verifying the OCSP responses, in regard to verifying the > OCSP signer certificate. I have been looking at OCSP_basic_verify, but > can't figure it out, and there's no documentation. Can anyone shed any > light? > > Also, are there any code examples of walking up a CA chain and verifying > certs along the way? >
apps/ocsp.c has an example of the use of this function. Its use is similar to PKCS7_verify() which is also currently undocumented :-) Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
