On 02/23/2017 11:14 AM, John Dennis wrote:
On 02/23/2017 11:04 AM, Paul Wouters wrote:
Hi,
I'm looking at the best way to get a list of SubjectAltNames of a
CERTCertificate.
Anyone have a pointer (haha) for me ?
CERT_DecodeAltNameExtension
See secu_PrintAltNameExtension() in cmd/lib/secutil.c or
cert_VerifySubjectAltName() in lib/certdb/certdb.c for an examples.
Actually, if all you want to simply grab the names avoiding C code you
can use the nss python binding. Attached is a simple Python script, the
Symantec cert to use as an example, and the output of the script
% python nss_print_subject_alt_names.py symantec.pem
--
John
certificate filename: symantec.pem
certificate subject: CN=www.symantec.com,OU=Corp Mktg & Comms - Online
Exp,O=Symantec Corporation,STREET=350 Ellis Street,L=Mountain
View,ST=California,postalCode=94043,C=US,serialNumber=2158113,businessCategory=Private
Organization,incorporationState=Delaware,incorporationCountry=US
has 25 alternate names
partnernet.symantec.com
partnernet-internal.symantec.com
sites-internal.symantec.com
www.go.symantec.com
www4.symantec.com
sites.symantec.com
sites-qa.symantec.com
my-qa.symantec.com
bcportal.symantec.com
partnernet.norton.com
scm.symantec.com
partnernet-internal.norton.com
partnernet-uat.symantec.com
securityresponse.symantec.com
my.symantec.com
go.symantec.com
sites-uat.symantec.com
partnernet-qa.symantec.com
partnernet-uat.norton.com
partnernet-qa.norton.com
partnernet-sit.symantec.com
www.symantec.com
m.symantec.com
partnernet-temp.symantec.com
my-uat.symantec.com
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
