cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: CRL support in CURL

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 23 Jun 2009 07:56:49 +0200 (CEST)

On Tue, 23 Jun 2009, Mahaveer_M_at_Dell.com wrote:

Please don't top-post!! We lose the context (and more).

> it means on OSs like RHEL 5.3 where curl version < 7.19, there is no way to
> do CRL verification using curl unless its upgraded to 7.19 (if available).
> Is that correct ?

Let's put it this way: if you need a libcurl version >= 7.19.0 then yes you do
need a libcurl version >= 7.19.0 installed. How else would it work?

> For question 2,
> The default path of the CRL could be that of the default CA path. While
> building curl on SLES 11, I see that it takes it
> as /etc/ssl/certs. Basically whereever it tries to load the cert from,
> to do the verification.

I'm not aware of any "standard path" or name for a CRL so I wouldn't even know
where a configure check would look for it. But feel free and encouraged to do
some research and provide us with the info or a patch!

-- 
  / daniel.haxx.se
Received on 2009-06-23