[xmlsec] Custom CRL

Francisco Obispo fobispo at isc.org
Tue May 21 20:32:11 PDT 2013

Tried it,

It never gets called, so I'm wondering if I'm missing something. :-(

So, besides adding the CRL to the key store, is there anything else I need to call to verify the cert? 

Would xmlSecDSigCtxVerify() do the check? or do I need to call another function separately?


On May 21, 2013, at 7:14 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:

> Well, the code clearly uses the crls (it's the same function that
> process crls in the signature). If you have debug version, put
> a break point in the xmlSecOpenSSLX509VerifyCertAgainstCrls() function
> to see if it is called and what's happening inside it.

Francisco Obispo 
Director of Applications and Services - ISC
email: fobispo at isc.org
Phone: +1 650 423 1374 || INOC-DBA *3557* NOC

More information about the xmlsec mailing list