I am successfully reading the X509 certificate from a PKCS#12 file, and then
wanting to extract the X509 certificate, I am doing this as below. Can
someone verify that this is the correct way to go about doing this as the CA
from where I obtained the PKCS#12 generate a slightly different certificate

the m_pCert member variable is a X509*

CString CDigitalCerts::GetX509Certificate( const CString& rsFilepath )
m_sFilepath = rsFilepath;
CString sCert = "";

if ( !m_pCert )

if ( m_pCert )
// Get certificate data into memory
BIO* pBio = BIO_new( BIO_s_mem() );
PEM_write_bio_X509_AUX( pBio, m_pCert );
char* pszData = NULL;
int count = BIO_get_mem_data( pBio, &pszData );

// xfer to CString:
CString sOut( pszData );
BIO_free( pBio );

const CString sStart = _T("-----BEGIN TRUSTED CERTIFICATE-----");
const CString sEnd = _T("-----END TRUSTED CERTIFICATE-----");

int nIndex = sOut.Find( sStart, 0 );
sOut.Delete( nIndex, sStart.GetLength() );
nIndex = sOut.Find( sEnd, 0 );
sOut.Delete( nIndex, sOut.GetLength() - nIndex );
sCert = sOut;

return sCert;
View this message in context: http://www.nabble.com/Read-X509-cert...html#a11062408
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org