gnutls_x509_trust_list_add_crls man page

gnutls_x509_trust_list_add_crls — API function


#include <gnutls/x509.h>

int gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, const gnutls_x509_crl_t * crl_list, unsigned crl_size, unsigned int flags, unsigned int verification_flags);


gnutls_x509_trust_list_t list

The list

const gnutls_x509_crl_t * crl_list

A list of CRLs

unsigned crl_size

The length of the CRL list

unsigned int flags

flags from gnutls_trust_list_flags_t

unsigned int verification_flags

gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL


This function will add the given certificate revocation lists to the trusted list. The list of CRLs must not be deinitialized during this structure's lifetime.

This function must be called after gnutls_x509_trust_list_add_cas() to allow verifying the CRLs for validity. If the flag GNUTLS_TL_NO_DUPLICATES is given, then any provided CRLs that are a duplicate, will be deinitialized and not added to the list (that assumes that gnutls_x509_trust_list_deinit() will be called with all=1).

If GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added.


The number of added elements is returned.



Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.2 gnutls