How to cleanup CRL memory used after SSL(OpenSSL) handshake has completed?

Matt Caswell matt at openssl.org
Fri Mar 6 11:24:06 UTC 2020


The CTX needs to be there for the whole time that the SSL is.

Matt

On 06/03/2020 11:17, Hyer Low wrote:
> Noted. Renegotiation has been disable.
> 
> Is there anyway to clean the CTX while let SSL object itself serving the
> tunnel ? Or I can only depend on the CTX ref after the SSL is delete?
> 
> Regards,
> Hyer Low
> 
> 
>> On Mar 6, 2020 at 7:00 PM, <Matt Caswell <mailto:matt at openssl.org>> wrote:
>>
>> One other thing does occur: if you allow renegotiation then you might
>> need access to the cert-store after the initial handshake has completed.
>>
>> Matt
>>
>>
>> On 06/03/2020 10:57, Hyer Low wrote:
>> > All configs can have different cert being setup as well, hence each CTX cert
>> > store might also different and not to be share.
>> >  
>> > Thanks. I'll try and see any possible side effect.
>> >  
>> >  
>> >  
>> > --
>> > Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
>> >  
>>


More information about the openssl-users mailing list