Hi all, I'm writing a little code snippet to just check the validity of a certificate ( and the entire chain preferably ). Whilst using the example code it's easy enough to make the connection and setup a session but being a newbie I'm not clear on what/how I should verify the certs.
So far. SSL_get_peer_cert_chain(ssl); server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert); cert_name = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0); CHK_NULL(cert_name); cert_issuer = X509_NAME_oneline (X509_get_issuer_name (server_cert),0,0); CHK_NULL(cert_issuer); -> Needs verification here. Searching google shows plenty on how to use "openssl -verify" which doesn't really help. While I start to dig further into the openssl code and try to pull out bits from the '-verifiy' functionality does anybody have any simple code for cert verification ? Cheers. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]