RE: get info from my own certificate
Thank you for your quick answer, but
unfortunately, the openssl command can get the certificate only from a =
file but it is not useful in case of a smart card.
I have made a library from the OpenVPN project, from which I am able to =
realise a point-to-point connect. This library is able to connect by the =
help of smart cards too, by cryptoapi and pkcs11 API function calls.
When the connect is established, we can get the peer's certificate by =
the SSL_get_peer_certificate() function. I would like to write a similar =
function which could be able to get my own certificate from the SSL =
object, because the certificate is not available in a file in case of =
using smart card connecting.
If it is possible, in case of certificate file, I would like to avoid =
its reopening and rereading, and in case of a smart card to avoid the =
relevant cryptoapi and pkcs11 function calls. Instead of them, uniformly =
I would like to get my own certificate directly from the SSL object, =
similarly than SSL_get_peer_certificate() function does it or with help =
of the verify_callback() function call.
Could you suggest anything?
Thank you very much for your efforts,
From: [email]email@example.com[/email] =
[mailto:firstname.lastname@example.org] On Behalf Of Bernhard Fr=F6hlich
Sent: Tuesday, January 15, 2008 12:21 PM
Subject: Re: get info from my own certificate
Kiss G=E1bor schrieb:[color=blue]
> Dear Everybody,
> May I get some help about the following problem:
> Is there a function to get information about my own certificate?
> I would like to get the common name from my own certificate being in =[/color]
the SSL object.=20[color=blue]
> Is there a function for this probleme or can anybody suggest a =[/color]
> Thank you for your kindness.
> Gabor KISS
If you want to do it manually try openssl x509 -in <yourcert> -noout=20
If you want to use the library have a look at the source code in=20
apps\x509.c. The relevant fuction to call is X509_get_subject_name.
Hope it helps.
OpenSSL Project [url]http://www.openssl.org[/url]
Development Mailing List [email]email@example.com[/email]
Automated List Manager [email]firstname.lastname@example.org[/email]