[openssl-users] CRL implementation caching

Mody, Darshan (Darshan) darshanmody at avaya.com
Mon Mar 13 12:48:59 UTC 2017


Hi,

We have modified our codebase to have CRL verification on the incoming certificates. While doing a negative testing with load of certificates I find that the resident memory for the module.

My query is when we have CRL verification enabled does openssl caches incoming certificates?

Please note that we have set SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);

>From the core file generated I am observing many entries of the far-end certificate serial number.

Thanks in Advance

Regards
Darshan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170313/981debca/attachment.html>


More information about the openssl-users mailing list