Hi,
This is an 'under-the-hood' type question for people familiar with SSL
internals.
We would like to use the OpenSSL library inside a Set-Top-Box (STB).
Unlike a normal computer, a STB has no standard browser (MS Explorer,
Netscape Navigator),
no command line, and no proper file system (as there is no disk).
We need to identify the function(s) from the OpenSSL API,
that should be called on the client side in order to perform the following
operations:
Managing Certificate Authority (CA) -
1. Add/Remove a CA to/from the SSL context
2. Retrieve/Read the list of current CAs from the SSL context
Managing Certificate Revocation Lists (CRLs) of server certificates -
3. Add/Remove a certificate to/from the CRL of the SSL context
4. Retrieve/Read the current CRL of the SSL context
Managing the client's own certificates -
5. Add/Remove a client-certificate to/from the SSL context
6. Retrieve/Read the list of current client certificates from the SSL
context
(can the client have more than one?)
and
7. Get the client-certificate and server-certificate that participated in
establishing an SSL session.
Thanks in advance,
Yaron Sella,
Secure Devices Unit, NDS-TI
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
