Thx lutx, I found there is another SSL function to get peer's certificate, not certificate chain. SSL_get_peer_certificate(SSL). man suggests using it instead of SSL_get_peer_cert_chain.
Jacky On 2003-07-17 at 02:50, Lutz Jaenicke wrote: > On Wed, Jul 16, 2003 at 09:53:24PM -0400, Jue (Jacky) Shu wrote: > > hi all, > > > > which SSL function can return peer's DNS or FQDN name, such as get client's name > > on server side? > > There is no SSL_() function available. You have to retrieve the X.509 > certificate presented and handle it using the X509_* functions. > > man SSL_get_peer_cert_chain > > Then, > X509_NAME_get_text_by_NID(X509_get_subject_name(X509_cert), > NID_commonName, buf, 256) > will extract the CommonName entry in "X509_cert" into buf (buf being a > buffer of 256byte). > > Best regards, > Lutz > -- > Lutz Jaenicke [EMAIL PROTECTED] > http://www.aet.TU-Cottbus.DE/personen/jaenicke/ > BTU Cottbus, Allgemeine Elektrotechnik > Universitaetsplatz 3-4, D-03044 Cottbus > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
