Caching CRL/Cert verification

Matthew Lindner mattlindn at
Wed Apr 24 23:11:30 UTC 2019

How do you cache the results of a CRL or Cert verification? When
inspecting the code I see that check_cert() gets called for every
certificate and the code re-verifies every used CRL on every
certificate check. This is similarly done for Certificates where it is
re-verified even if it is already verified. How does one cache that
the signature of a certificate/CRL is valid so that the verification
process is not repeated?

-- Matthew

More information about the openssl-users mailing list