> On May 3, 2018, at 3:06 AM, Anil kumar Reddy
> wrote:
>
> The issue is:
> I am unable to find out the exact command lines or c/c++ program functions to
> prove the SignedCertificate.pem is signed or not. I have spent more than one
> day on researching, but I
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of morthalan
> Sent: Thursday, May 03, 2018 05:51
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] How to prove a Certificate is Signed or not
>
> But In my case, I do not have any root certificate. I have
I got two Ideas. I can verify the certificate by comparing the issuer name
char *s = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
char *i = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
int rc = strcmp(s, i);
verifying with public key
EVP_PKEY *caPubkey =
You could:
- Check subject and issuer for sameness.
- Verify the signature with the certificate’s own key. A positive verification
indicates self-signed.
> On May 3, 2018, at 7:18 AM, Salz, Rich via openssl-users
> wrote:
>
>
>
> On 5/3/18, 4:24 AM, "morthalan"
>After the generation of SignedCertificate.pem. I would like to write
function to verify the SignedCertificate.pem, whether it is signed or not.
That is still not an accurate description. By definition, a certificate is
*signed data.* It appears as a bitstring in the X509 data
Sorry for the insufficient explanation on what I did.
I have implemented one c++ code(csrReq.cpp) to generate certificate signing
request(certReq.pem) along with private key(csrPkey.pem). Another c++ code
(signcode.cpp)is to read the user data from certReq.pem and generate the
Signed
On 5/3/18, 4:24 AM, "morthalan" wrote:
No, technically not. I am just searching for a simple method just to check a
certificate is signed by CA or not.
Because. Something like signing check, I am not quite sure, I do not have
proper knowledge on
a root cert is the self signed cert.
On Thu, May 3, 2018 at 2:50 AM, morthalan
wrote:
> But In my case, I do not have any root certificate. I have only one signed
> certificate (SignedCertificate.pem) and one certificate signing request
> (certReq.pem) . So when I
But In my case, I do not have any root certificate. I have only one signed
certificate (SignedCertificate.pem) and one certificate signing request
(certReq.pem) . So when I use it as below
openssl verify -CAfile SignedCertificate.pem SignedCertificate.pem
I am getting error "error 20 at 0 depth
openssl verify -CAfile your_ca_cert.pem SignedCertificate.pem
Hope that helped
Cheers,
Richard
In message <1525335799770-0.p...@n7.nabble.com> on Thu, 3 May 2018 01:23:19
-0700 (MST), morthalan said:
morthalaanilreddy> No, technically not. I am just searching for
Or using the javascript interface
https://www.npmjs.com/package/sack.vfs#interface
https://github.com/d3x0r/sack.vfs/blob/master/tests/tlsTest.js#L28
if( vfs.TLS.validate( {cert:signedCert3, chain:signedCert2+cert} ) )
console.log( "Chain is valid." );
On Thu, May 3, 2018 at 12:36 AM, J
No, technically not. I am just searching for a simple method just to check a
certificate is signed by CA or not.
Because. Something like signing check, I am not quite sure, I do not have
proper knowledge on Openssl.
d3x0r wrote
>
https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538
this routine does cert validation but I don't thkn that's what you want
this verified on a connection
https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274
which boils down to
Hi everyone,
I am new to opennssl and now I am completely confused. Please help me out
to solve my issue.
I have implemented a code to sign the given CSR certificate (certReq.pem),
then generate openssl signed Certificate (SignedCertificate.pem) using the
details of certReq,pem. The code is
14 matches
Mail list logo