CST * storage = CST_open_file("storage.cst", FALSE, NULL); X509 * cert = ... // Some cert received from server if (CST_get_state(storage, cert) == CST_STATE_VALID) { printf("Certificate is valid"); } else { printf("Certificate expired, have not valid sign or signed by untrusted..."); } CST_free(storage);