cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: CRL support in CURL

From: <Mahaveer_M_at_Dell.com>
Date: Tue, 23 Jun 2009 08:48:38 +0530

Thanks.
For question 1,
it means on OSs like RHEL 5.3 where curl version < 7.19, there is no way
to do CRL verification using
curl unless its upgraded to 7.19 (if available). Is that correct ?

For question 2,
The default path of the CRL could be that of the default CA path. While
building curl on SLES 11, I see that it takes it
as /etc/ssl/certs. Basically whereever it tries to load the cert from,
to do the verification.

Thanks

-----Original Message-----
From: curl-library-bounces_at_cool.haxx.se
[mailto:curl-library-bounces_at_cool.haxx.se] On Behalf Of Daniel Stenberg
Sent: Monday, June 22, 2009 11:40 PM
To: libcurl development
Subject: Re: CRL support in CURL

On Mon, 22 Jun 2009, Mahaveer_M_at_Dell.com wrote:

> 1. From which version of curl, was the CRL verification support
> introduced ?

7.19.0

> 2. On SLES 11 having curl version 1.19

I suppose that means 7.19.x something.

> I am making use of CURL APIs to do certificate verification. In order
> to do CRL verification, is it must to pass the CRL file option to curl
?

Yes: CURLOPT_CRLFILE

> Doesn't curl take any default file path ?

No. What default path would that be?

-- 
  / daniel.haxx.se
Received on 2009-06-23