CRL Distribution Point
I'm trying out mbed tls. I'm a bit curious about the CRL support. I have figured out how to pass in CRLs when verifying a certificate chain. This works when having hardcoded CRL URLs. But is there support for CRL Distribution Points inside mbed tls? I have found some define but it doesn't seem to be used. I would like to be able to retrieve the CRL URLs from inside a certificate so that I can download the CRLs. Is this supported?
Unfortunately, CRL distribution point extension is not supported at the moment. If you think this extension is needed, you are welcome to create a Pull Request with this feature in our github repository, as long as you follow our coding standards, and sign off a Contributor's License Agreement (CLA).
Mbed TLS Team member