i'm writing a client / server application using openssl. So far i got the client checking wheather a certificate is signed by the CA, and wheather it has the same common name as the server the client is suppose to be connecting too. However my problem is when i revoke a server's certificate - the command i use to revoke a certificate is:
openssl ca -cert ca.crt -keyfile ca.key -revoke ServerName.crt
openssl ca -cert ca.crt -keyfile ca.key -gencrl > mycrl.pem
then i sent the mycrl.pem to all the clients, however, I don't know how to check the file on the client side? I been poking around in man pages for while, and can't find a library function in Openssl that checks wheather a particular certificate is revoke or not? I don't know if it's right under my nose, or i'm just lookin in the wrong section? Any help would be appreicated, because this has been bugging me for some time.