[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Certs directory for peer certificate validation
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: Certs directory for peer certificate validation |
Date: |
Mon, 15 May 2006 14:05:45 +0200 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) |
Albert Chin <address@hidden> writes:
> OpenSSL has a directory and path for certificates in PEM format used
> to verify a peer certificate (i.e. CAfile and CApath). Does GnuTLS
> have similar functionality?
GnuTLS does not support reading all files in a directory, but it
supports reading CA certificates in PEM format from a file, see
gnutls_certificate_set_x509_trust_file(). You'll call
gnutls_certificate_verify_peers2() to use it.
IIRC, the file may contain more than one CA certificate, so you should
be able to 'cat /somewhere/openssl/somewhere/* > gnutls-cas.pem' and
use that file, or similar
Regards,
Simon