My original requirements were to extract the user certificate, the private key, and the CAs. For that I was using the call to PKCS12_parse(...). This satisfied the original requirements. Very easy to find, understand, and use. The new requirements that I have are that I also need to extract a CRL from that PKCS12. I see that there is a CRLBag defined in the IETF RFC 7292 PKCS12 Standard (https://tools.ietf.org/html/rfc7292), so I know a CRL could exist inside a PKCS12. I can't seem to find any API or C++ examples that extract a CRL from a PKSC12. Is there an API, example code, or advice on how to extract a CRL from a PKCS12? Thank you for your time, Rick -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
