Michael Welsh Duggan <[email protected]> writes: > On Mon, 7 Jun 2010 11:37:11 -0400, Simon Josefsson wrote: > >> Michael Welsh Duggan <[email protected]> writes: >> >>> However, we don't see a way to do that with the certificate/key >>> pair that we load. gnutls_x509_crt_list_verify() looks close, >>> however it does not check the activation/expiration times, and we >>> haven't found a function that lets me get a certificate list from >>> a gnutls_certificate_credentials_t structure. >> >> Doesn't gnutls_x509_crt_list_verify check times? If I read the code for >> gnutls_certificate_verify_peers2, it calls >> _gnutls_x509_cert_verify_peers which calls gnutls_x509_crt_list_verify. >> I can't find any time checks outside of that function. > > Yes, you are correct. gnutls_x509_crt_list_verify() does verify the > times. > > I meant to write that gnutls_x509_crt_verify() does not the times.
Sorry, I meant: I meant to write that gnutls_x509_crt_verify() does not verify the times. > However, we are still confused on how to get from a > gnutls_certificate_credentials_t struct to the list of certificates > that we can pass to gnutls_x509_crt_list_verify(). > > Thanks. -- Michael Welsh Duggan ([email protected]) _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
