Hi, I'm implementing an HTTP server which will control access using digital certificates furnished from a smartcard device at the browser. Since it will be necessary to check that a cert has not been revoked then this must be done by requesting a Certificate Revocation List (CRL) from the Certification Authority (CA) that issued the certs. I have used the AS/400 LDAP APIs, in a program written in C at this stage, to sucessfully return the CRL data containing the related revoked certs, which I'm told is in a format called X509. However, I am now faced with the problem of how to parse this CRL data in order to extract the serial numbers of the revoked certs. There doesn't appear to be any API, like QsyParseCertificate, that will do this (I'm told all things will be possible when V5 arrives). I can demonstrate that this can be achieved using java but since I have not yet had to resort to java to resolve production issues then I would prefer to use a C or RPG language solution. Has anyone got any experience with this? Cheers, Peter