You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → wolfSSL → notBefore & notAfter
Hello,
I'd like to gain access to the dates associated with a peer-certificate, yet can't yet find a way to do that using wolfSSL. How should I go about that?
Also, are the notBefore and notAfter dates of a client-certificate tested (and potentially rejected) via a SSL_CTX_set_verify(..., SSL_VERIFY_PEER | SSL_FAIL_IF_NO_PEER_CERT); ?
If the answer is "no" to both, how can I ensure a client-certificate presented (to a server) has not expired?
thanks much;
Hi topher,
Similar to your other thread about certificate serial numbers (http://yassl.com/forums/topic81-x509-serial-number.html), wolfSSL doesn't provide a way to directly access peer-certificate dates. Is this something that you need?
wolfSSL does all verification internally, including notBefore and notAfter dates. The SSL_CTX_set_verify() function allows you to set options for how the verification is done. Setting SSL_VERIFY_PEER will cause the server to send a certificate request to the client.
Regards,
Chris
wolfSSL - Embedded SSL Library → wolfSSL → notBefore & notAfter
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.021 seconds (93% PHP - 7% DB) with 10 queries