[openssl-users] CRL implementation caching

Mody, Darshan (Darshan) darshanmody at avaya.com
Mon Mar 13 12:48:59 UTC 2017


We have modified our codebase to have CRL verification on the incoming certificates. While doing a negative testing with load of certificates I find that the resident memory for the module.

My query is when we have CRL verification enabled does openssl caches incoming certificates?

Please note that we have set SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);

>From the core file generated I am observing many entries of the far-end certificate serial number.

Thanks in Advance

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170313/981debca/attachment.html>

More information about the openssl-users mailing list