X509 certificates through API - Openssl

This is a discussion on X509 certificates through API - Openssl ; Kenneth Goldman wrote: > Is there sample code anywhere for how to construct X509 certificates > programmatically, through the API, not the command line? > > The documentation includes the serialization API's, but? > little else. > > I assume, ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: X509 certificates through API

  1. Re: X509 certificates through API

    Kenneth Goldman wrote:

    > Is there sample code anywhere for how to construct X509 certificates
    > programmatically, through the API, not the command line?
    >
    > The documentation includes the serialization API's, but?
    > little else.
    >
    > I assume, since it can be done from the command line, that
    > the code exists and is just not documented. Could I be
    > wrong?


    Well, the code implementing the x509 subcommand of the openssl command
    line tool can be found in apps/x509.c.
    Ciao,
    Richard
    --
    Dr. Richard W. Könning
    Fujitsu Siemens Computers GmbH, IP SW SO 12
    Phone/Fax: +49-89-636-47852 / 48332
    E-Mail: Richard.Koenning@fujitsu-siemens.com

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  2. X509 certificates through API


    Is there sample code anywhere for how to construct X509 certificates
    programmatically, through the API, not the command line?

    The documentation includes the serialization API's, but?
    little else.

    I assume, since it can be done from the command line, that
    the code exists and is just not documented. Could I be
    wrong?

    --
    Ken Goldman kgold@watson.ibm.com
    914-784-7646 (863-7646)
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  3. Re: X509 certificates through API

    On Mon, May 19, 2008, Kenneth Goldman wrote:

    >
    > Is there sample code anywhere for how to construct X509 certificates
    > programmatically, through the API, not the command line?
    >
    > The documentation includes the serialization API's, but?
    > little else.
    >
    > I assume, since it can be done from the command line, that
    > the code exists and is just not documented. Could I be
    > wrong?
    >


    Some, but not all, of the API is documented. There are some demos in
    demos/x509 which should help though.

    Steve.
    --
    Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
    OpenSSL project core developer and freelance consultant.
    Homepage: http://www.drh-consultancy.demon.co.uk
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  4. Re: X509 certificates through API

    On May 19, 2008 02:09:54 pm Kenneth Goldman wrote:
    > Is there sample code anywhere for how to construct X509 certificates
    > programmatically, through the API, not the command line?
    >
    > The documentation includes the serialization API's, but?
    > little else.
    >
    > I assume, since it can be done from the command line, that
    > the code exists and is just not documented. Could I be
    > wrong?
    >

    Hi Ken:

    Well, there are lots of ways to generate a certificate - depends on the level
    to which you want to configure each cert.

    One way is in the code for WvStreams WvX509Mgr::create_selfissued at:

    http://repo.or.cz/w/wvstreams.git?a=...67b75c;hb=HEAD

    Although there are many other ways to do it (do you want to use the settings
    in openssl.cnf? then you may want to take a look at the code in the
    OpenSSL "req" or "ca" apps (in the apps subdirectory - req.c and ca.c)

    Have fun.

    --
    Patrick Patterson
    President and Chief PKI Architect,
    Carillon Information Security Inc.
    http://www.carillon.ca
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


+ Reply to Thread