Hello Ted,
Thank you for your quick answer, but
unfortunately, the openssl command can get the certificate only from a =
file but it is not useful in case of a smart card.

I have made a library from the OpenVPN project, from which I am able to =
realise a point-to-point connect. This library is able to connect by the =
help of smart cards too, by cryptoapi and pkcs11 API function calls.

When the connect is established, we can get the peer's certificate by =
the SSL_get_peer_certificate() function. I would like to write a similar =
function which could be able to get my own certificate from the SSL =
object, because the certificate is not available in a file in case of =
using smart card connecting.

If it is possible, in case of certificate file, I would like to avoid =
its reopening and rereading, and in case of a smart card to avoid the =
relevant cryptoapi and pkcs11 function calls. Instead of them, uniformly =
I would like to get my own certificate directly from the SSL object, =
similarly than SSL_get_peer_certificate() function does it or with help =
of the verify_callback() function call.

Could you suggest anything?
Thank you very much for your efforts,
Gabor


-----Original Message-----
From: owner-openssl-dev@openssl.org =
[mailtowner-openssl-dev@openssl.org] On Behalf Of Bernhard Fr=F6hlich
Sent: Tuesday, January 15, 2008 12:21 PM
To: openssl-dev@openssl.org
Subject: Re: get info from my own certificate

Kiss G=E1bor schrieb:
> Dear Everybody,
>
> =20
>
> May I get some help about the following problem:
>
> =20
>
> Is there a function to get information about my own certificate?
>
> I would like to get the common name from my own certificate being in =

the SSL object.=20
>
> Is there a function for this probleme or can anybody suggest a =

solution?
>
> Thank you for your kindness.
>
> Gabor KISS
> =20


If you want to do it manually try openssl x509 -in -noout=20
-subject
If you want to use the library have a look at the source code in=20
apps\x509.c. The relevant fuction to call is X509_get_subject_name.

Hope it helps.
Ted


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org