Am 03.09.2012 17:55, schrieb Charles Mills: > When I come through my verify_callback routine, I get called successively > with descending certificate depths: > the first time through X509_STORE_CTX_get_error_depth() is 1 and the second > time it is 0. > So it would seem to me that "the depth/length of the whole chain" is > available as the value of > X509_STORE_CTX_get_error_depth() on the first pass through the > verify_callback. > > Or perhaps I have misunderstood the question.
Yes, you misunderstood the question in a way and this is the way it work for me too. But I need to know the length of the chain in the verify-callback. Or, to be more precisely, I want to perform a special action, if I reached the end of the chain. But you answered my question, because I did not realised, that the depth is counting down to zero. So I reached the end, if my depth value is at 0. But thanks to the answer, it helped anyway! Regards Sven > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Sven Anders > Sent: Monday, September 03, 2012 12:57 AM > To: openssl-users@openssl.org > Subject: Verify depth / get chain length > > Hello, > > I'm using the OpenSSL library for a HTTP proxy. I want to verify the server's > certificates and I use the verify-callback for this. > This works without problems. > > My question is: > > Is it possible to get the depth of the whole certificates chain in the verify > function? I know, that I can get the current depth of the certificate that is > currently checked, but can I get the depth/length of the whole chain? > > If this is not possible, is it possible to call a callback before the > verify-callback to get the depth? > > Regards > Sven Anders > Mit freundlichen Grüßen Sven Anders -- Sven Anders <and...@anduras.de> () UTF-8 Ribbon Campaign /\ Support plain text e-mail ANDURAS intranet security AG Messestraße 3 - 94036 Passau - Germany Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55 Rechtsform: Aktiengesellschaft - Sitz: Passau - Amtsgericht: Passau HRB 6032 Mitglieder des Vorstands: Dipl.-Inf. Sven Anders, Dipl.-Inf. Marcus Junker Vorsitzender des Aufsichtsrats: RA Mark Peters
<<attachment: anders.vcf>>
