Hi everyone,
I'd like to check that a client certificat is revoked or not against a crl.
Actually, opensips use context SSL_CTX. How can I do with this context?
I do this change to load the crl :
load_crl(SSL_CTX * ctx, char *filename)
{
LM_DBG("entered load crl\n");
X509_STORE *pStore = SSL_CTX_get_cert_store(ctx);
X509_LOOKUP* plookup = X509_STORE_add_lookup(pStore,
X509_LOOKUP_file());
if (!X509_load_crl_file(plookup, filename, X509_FILETYPE_PEM)){
LM_ERR("unable to load certificate file '%s'\n",
filename);
return -1;
}
LM_DBG("'%s' successfuly loaded\n", filename);
return 0;
}
But I dont know how to add flags, is it the right solution?
Thanks all
--
View this message in context:
http://old.nabble.com/Add-client-certificate-checking-against-a-CRL-in-opensips-tp32496210p32496210.html
Sent from the OpenSER Users Mailing List mailing list archive at Nabble.com.
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
