pretty-print a certificate revocation
prints information contained in crl to
bio in human-readable form, in the following
- The certificate revocation list version number as defined by the standard, followed in parentheses by the value contained in the version field in hexadecimal notation. See X509_CRL_get_version(3) for details.
- The name of the signature algorithm is printed with X509_signature_print(3).
- The issuer name as returned by X509_CRL_get_issuer(3).
- The times of the last and next updates as returned by X509_CRL_get0_lastUpdate(3) and X509_CRL_get0_nextUpdate(3) are printed with ASN1_TIME_print(3).
- All X.509 extensions directly contained in the certificate revocation list object crl are printed with X509V3_extensions_print(3).
- Information about revoked certificates is retrieved with X509_CRL_get_REVOKED(3), and for each revoked certificate, the following is printed:
- The signature of crl is printed with X509_signature_print(3).
is similar to
X509_CRL_print() except that it prints
These functions are intended to return 1 for success and 0 for error.
BIO_new(3), X509_CRL_new(3), X509_print_ex(3), X509_REVOKED_new(3)
These functions first appeared in OpenSSL 0.9.2 and have been available since OpenBSD 2.6.
Most I/O errors are silently ignored. Even if the information printed is incomplete, these functions may return 1 anyway.
If the version number is invalid, no information from the CRL is printed and the functions fail.