OCSP_CRLID_NEW(3) Library Functions Manual OCSP_CRLID_NEW(3) NAME OCSP_CRLID_new, OCSP_CRLID_free, OCSP_crlID_new - OCSP CRL extension SYNOPSIS #include OCSP_CRLID * OCSP_CRLID_new(void); void OCSP_CRLID_free(OCSP_CRLID *crlid); X509_EXTENSION * OCSP_crlID_new(const char *url, long *number, char *time); DESCRIPTION If a client asks about the validity of a certificate and it turns out to be invalid, the responder may optionally communicate which certificate revocation list the certificate was found on. The required data is stored as an ASN.1 CrlID structure in the singleExtensions field of the SingleResponse structure. The CrlID is represented by an OCSP_CRLID object, which will be stored inside the OCSP_SINGLERESP object documented in OCSP_SINGLERESP_new(3). OCSP_CRLID_new() allocates and initializes an empty OCSP_CRLID object. OCSP_CRLID_free() frees crlid. OCSP_crlID_new() accepts the url at which the CRL is available, the CRL number, and/or the time at which the CRL was created. Each argument can be NULL, in which case the respective field is omitted. The resulting CrlID structure is encoded in ASN.1 using X509V3_EXT_i2d(3) with criticality 0. RETURN VALUES OCSP_CRLID_new() returns a new OCSP_CRLID object or NULL if an error occurred. OCSP_crlID_new() returns a new X509_EXTENSION object or NULL if an error occurred. SEE ALSO OCSP_REQUEST_new(3), OCSP_resp_find_status(3), OCSP_response_status(3), X509_EXTENSION_new(3) STANDARDS RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol, section 4.4.2: CRL References HISTORY OCSP_CRLID_new(), OCSP_CRLID_free(), and OCSP_crlID_new() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2. CAVEATS The function names OCSP_CRLID_new() and OCSP_crlID_new() only differ in case. Linux 6.8.2-arch2-1 January 15, 2022 Linux 6.8.2-arch2-1