Hi everyone,
I'm building an iOS application and trying to check if a certificate, that a
https-connection uses, is a EV certificate.
Does the OpenSSL-libary have a method that gives me that information, if a
given certificate is a EV certificate?
I found the method
Ø X509_get_ext_d2i(certificateX509, NID_certificate_policies, NULL, NULL)
Ø which returns some data depending of the NID provided. Since it is a
void-pointer, I don't know, which data type it returns.
According to x509v3/pcy_cache.c, it returns a pointer to CERTIFICATEPOLICIES.
According
I'm building an iOS application and trying to check if a certificate,
that a https-connection uses, is a EV certificate.
Why?
Wikipedia notes The primary way to identify an EV certificate is by
referencing the Certificate Policies extension field. Each issuer uses a
different object identifier
There is no single OID for Extended Validation. The members of CA/Browser
Forum (CABF) define their own, and then petition the browsers for EV
acceptance. The browsers then add the root certificate to their internal
EV tables, along with the OID they use for EV.
Since OpenSSL does not include