I've written a callback function to verify certificates because I
need to verify if the user can access some resources.
cert_verify_callback()
{
if ! preverify_ok
log error
return 0
if ! depth // user certificate
check if certificate CN is an allowed user
Hi.
I'm trying to add support for dynamic crl handling to my
application.
The approach I was thinking to use is this:
ssl_verify_callback(...)
{
if preverify_ok is 0
return 0;
extract CRL distrib point from certificate;
connect to it and download CRL fil
Hi.
I'm writing a C program and I need to check if a certificate
is revoked.
Is there an easy way to do it?
In other words I'm looking for a library function(s) that
extract the CDP from the certificate, download the CRL file
from the location and then load it.
Can somebody help me?
Hi.
I'm trying to implement an EAP-TLS server.
Now I can get the TLS handshake start between my server and
the client.
The problem is that after receiving the change_cipher_spec and
the finished message (encrypted) from the client, the ssl
object send an alert message (bad record mac).
What can b
I'm trying to implement an eap-tls server using openssl and
I've found only few examples about using memory BIOs to
perform a TLS handshake.
Can you give me some pointer to documentation about this or
to some examples?
The code that I'm using is very simple:
<...>
SSL_set_accep
