WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfssl-examples/ocsp/ocsp_nonblock
History
David Garske 6e65dba8ce Fixes from peer review. Thanks 2022-06-01 09:47:14 -07:00
..
ca_certs Peer review fixes. 2022-05-27 16:08:02 -07:00
Makefile OCSP non-blocking example using Certificate Manager. 2022-05-25 10:54:08 -07:00
README.md Peer review fixes. 2022-05-27 16:08:02 -07:00
google.pem Peer review fixes. 2022-05-27 16:08:02 -07:00
ocsp_nonblock.c Fixes from peer review. Thanks 2022-06-01 09:47:14 -07:00

README.md

OCSP Examples

Online Certificate Status Protocol (OCSP) is used for obtaining the revocation status of an X.509 digital certificate.

OCSP non-blocking example

This uses a google.com certificate chain to demonstrate validating revocation status using an OCSP server.

The Google.com certificate defines OCSP in the X509v3 extension "Authority Information Access" section.

Example usage:

$ ./configure --enable-ocsp CFLAGS="-DHAVE_IO_TIMEOUT -DWOLFSSL_NONBLOCK_OCSP"
$ make
$ sudo make install

% make
gcc -o ocsp_nonblock ocsp_nonblock.c -Wall -I/usr/local/include -Os -L/usr/local/lib -lwolfssl

% ./ocsp_nonblock
Loaded Trusted CA dir ca_certs (ret 1)
Convert Google.com PEM cert to DER (ret 1)
Verify Google.com cert: 1
OCSP Lookup:
	URL: http://ocsp.pki.goog/gts1c3
	Domain: ocsp.pki.goog
	Path: /gts1c3
	Port: 80
OCSP Response: ret 471, nonblock count 409421
Check OCSP for Google.com (ret 1)
Ret = 1: success