Hello Gabor,
Try SSL_get_certificate().
Note, however, that having an SSL object does not necessarily mean you have=
a certificate.

Yair


-----Original Message-----
From: owner-openssl-dev@openssl.org [mailtowner-openssl-dev@openssl.org] =
On Behalf Of kiss.gabor@cardnet.hu
Sent: Tuesday, January 15, 2008 3:30 PM
To: openssl-dev@openssl.org
Cc: Bernhard Fr?hlich
Subject: RE: get info from my own certificate


Hello Ted,
Thank you for your quick answer, but
unfortunately, the openssl command can get the certificate only from a file=
but it is not useful in case of a smart card.

I have made a library from the OpenVPN project, from which I am able to rea=
lise a point-to-point connect. This library is able to connect by the help =
of smart cards too, by cryptoapi and pkcs11 API function calls.

When the connect is established, we can get the peer's certificate by the S=
SL_get_peer_certificate() function. I would like to write a similar functio=
n which could be able to get my own certificate from the SSL object, becaus=
e the certificate is not available in a file in case of using smart card co=
nnecting.

If it is possible, in case of certificate file, I would like to avoid its r=
eopening and rereading, and in case of a smart card to avoid the relevant c=
ryptoapi and pkcs11 function calls. Instead of them, uniformly I would like=
to get my own certificate directly from the SSL object, similarly than SSL=
_get_peer_certificate() function does it or with help of the verify_callbac=
k() function call.

Could you suggest anything?
Thank you very much for your efforts,
Gabor


-----Original Message-----
From: owner-openssl-dev@openssl.org [mailtowner-openssl-dev@openssl.org] =
On Behalf Of Bernhard Fr=F6hlich
Sent: Tuesday, January 15, 2008 12:21 PM
To: openssl-dev@openssl.org
Subject: Re: get info from my own certificate

Kiss G=E1bor schrieb:
> Dear Everybody,
>
>
>
> May I get some help about the following problem:
>
>
>
> Is there a function to get information about my own certificate?
>
> I would like to get the common name from my own certificate being in
> the SSL object.
>
> Is there a function for this probleme or can anybody suggest a
> solution?
>
> Thank you for your kindness.
>
> Gabor KISS
>


If you want to do it manually try openssl x509 -in -noout -subje=
ct If you want to use the library have a look at the source code in apps\x5=
09.c. The relevant fuction to call is X509_get_subject_name.

Hope it helps.
Ted


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org

This email and any files transmitted with it are confidential material. The=
y are intended solely for the use of the designated individual or entity to=
whom they are addressed. If the reader of this message is not the intended=
recipient, you are hereby notified that any dissemination, use, distributi=
on or copying of this communication is strictly prohibited and may be unlaw=
ful.

If you have received this email in error please immediately notify the send=
er and delete or destroy any copy of this message
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org