Errm. Except that returns a long, how do I map that to the definitions listed in include/openssl/x509_vfy.h in order to return something more useful than '20' ?
On Fri, 2005-01-21 at 14:13 +0900, Naoki wrote: > Well, I just added this : > > SSL_get_verify_result( ssl ); > > And with the result being one of the return codes listed here : > http://www.openssl.org/docs/apps/verify.html#DIAGNOSTICS > > Looks like I've answered myself :) > > On Fri, 2005-01-21 at 14:04 +0900, Naoki wrote: > > Hi all, > > > > I'm writing a little code snippet to just check the validity of a > > certificate ( and the entire chain preferably ). Whilst using the > > example code it's easy enough to make the connection and setup a session > > but being a newbie I'm not clear on what/how I should verify the certs. > > > > So far. > > SSL_get_peer_cert_chain(ssl); > > server_cert = SSL_get_peer_certificate (ssl); > > CHK_NULL(server_cert); > > cert_name = X509_NAME_oneline (X509_get_subject_name > > (server_cert),0,0); > > CHK_NULL(cert_name); > > cert_issuer = X509_NAME_oneline (X509_get_issuer_name > > (server_cert),0,0); > > CHK_NULL(cert_issuer); > > > > -> Needs verification here. > > > > Searching google shows plenty on how to use "openssl -verify" which > > doesn't really help. > > > > While I start to dig further into the openssl code and try to pull out > > bits from the '-verifiy' functionality does anybody have any simple code > > for cert verification ? > > > > > > Cheers. > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager [EMAIL PROTECTED] > Mark "Naoki" Rogers > ---------------------------------------- > Vice President - Systems and Engineering > ValueCommerce > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] Mark "Naoki" Rogers ---------------------------------------- Vice President - Systems and Engineering ValueCommerce ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]