OpenSSL 3 support for status_request_v2
James
openssl-users at natsuki.co.uk
Thu Jun 13 09:12:20 UTC 2024
Hi, I have a requirement to support the TLS status_request_v2 extension for
TLS 1.2 (rfc6961) using OpenSSL 3.x...
Looking at the API I've successfully used SSL_CTX_add_custom_ext() to add
the extension to the client hello, my server code is also picking this and
generating the extension in the server hello, however I can't find an
option to create the certificate status message(after the certificate
message and before server key exchange).
SSL_set_tlsext_status_ocsp_resp() seems to do this but isn't used for
status_request_v2.
Is this the right starting point or is there another API/functions I should
be using? Are there hooks for being able to influence the messages between
server hello and server hello done?
or is there a patch... that already adds this?
Many thanks
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20240613/79516120/attachment.htm>
More information about the openssl-users
mailing list