Hello Gabor,
Try SSL_get_certificate().
Note, however, that having an SSL object does not necessarily mean you have a
certificate.
Yair
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Tuesday, January 15, 2008 3:30 PM
To: openssl-dev@openssl.org
Cc: Bernhard Fr?hlich
Subject: RE: get info from my own certificate
Hello Ted,
Thank you for your quick answer, but
unfortunately, the openssl command can get the certificate only from a file but
it is not useful in case of a smart card.
I have made a library from the OpenVPN project, from which I am able to realise
a point-to-point connect. This library is able to connect by the help of smart
cards too, by cryptoapi and pkcs11 API function calls.
When the connect is established, we can get the peer's certificate by the
SSL_get_peer_certificate() function. I would like to write a similar function
which could be able to get my own certificate from the SSL object, because the
certificate is not available in a file in case of using smart card connecting.
If it is possible, in case of certificate file, I would like to avoid its
reopening and rereading, and in case of a smart card to avoid the relevant
cryptoapi and pkcs11 function calls. Instead of them, uniformly I would like to
get my own certificate directly from the SSL object, similarly than
SSL_get_peer_certificate() function does it or with help of the
verify_callback() function call.
Could you suggest anything?
Thank you very much for your efforts,
Gabor
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernhard Fröhlich
Sent: Tuesday, January 15, 2008 12:21 PM
To: openssl-dev@openssl.org
Subject: Re: get info from my own certificate
Kiss Gábor schrieb:
> Dear Everybody,
>
>
>
> May I get some help about the following problem:
>
>
>
> Is there a function to get information about my own certificate?
>
> I would like to get the common name from my own certificate being in
> the SSL object.
>
> Is there a function for this probleme or can anybody suggest a
> solution?
>
> Thank you for your kindness.
>
> Gabor KISS
>
If you want to do it manually try openssl x509 -in <yourcert> -noout -subject
If you want to use the library have a look at the source code in apps\x509.c.
The relevant fuction to call is X509_get_subject_name.
Hope it helps.
Ted
;)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
This email and any files transmitted with it are confidential material. They
are intended solely for the use of the designated individual or entity to whom
they are addressed. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, use, distribution or
copying of this communication is strictly prohibited and may be unlawful.
If you have received this email in error please immediately notify the sender
and delete or destroy any copy of this message
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
