> Would it be acceptable to just iterate the stack elements, passing each X509 > through i2d_X509 and appending the results -- would that generate valid > DER?
Maybe. It depends on what the receiver is expecting. If it's willing to read a set of certs until it hits EOF (or equivalent) that's fine. But if you're sending a SEQUENCE OF certificates then you need to wrap it in an ASN1/DER container. For example, Netscape Cert Sequence Can you post a code snippet? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
