Using X.509 Certificates in TLS
In Chapter 8, X.509 Certificates and PKI, we learned about X.509 certificates, while in Chapter 9, Establishing TLS Connections and Sending Data over Them, we learned about the Transport Layer Security (TLS) protocol and why certificates are important for TLS. We also reviewed some straightforward yet very popular usages of certificates in TLS, such as default server certificate verification performed by OpenSSL, hostname verification, and using an X.509 certificate to accept a TLS server connection.
In this chapter, we will expand on X.509 certificate usage in TLS and cover more advanced use cases.
In this chapter, we will cover the following topics:
- Custom verification of peer certificates in C programs
- Using Certificate Revocation Lists in C programs
- Using the Online Certificate Status Protocol
- Using TLS client certificates