Topic: CPV (Certificate Path/Chain Validation)

Dear sir,

May I know which function in the WolfSSL library will support Certificate Path Validation following section 6.1 in RFC3280?


Many thanks!!

Re: CPV (Certificate Path/Chain Validation)

Hi windsp,

wolfSSL does certificate validation internally during an SSL/TLS connection.  If you need to validate certain peer certificates manually during the SSL/TLS handshake you can do so by registering your own verify callback as the third parameter when calling wolfSSL_CTX_set_verify().  By default the verify callback will only be called upon validation failure unless WOLFSSL_ALWAYS_VERIFY_CB is defined.

If you instead are looking to validate certificates standalone from an SSL/TLS connection, you can use the wolfSSL CertManager functionality.  These functions are found in <wolfssl/ssl.h>.  You can view the API docs at the following URL [1], as well as a simple example [2].

Best Regards,
Chris

[1] https://wolfssl.com/wolfSSL/Docs-wolfss … nager.html
[2] https://github.com/wolfSSL/wolfssl-exam … ertmanager