* Nikos Mavrogiannopoulos: > On Fri, Jun 4, 2010 at 10:49 AM, Florian Weimer <[email protected]> wrote: >> * Nikos Mavrogiannopoulos: >> >>>> May I assume that the first certificate returned by >>>> gnutls_certifcate_get_peers contains public key material which >>>> actually corresponds to the private key material which was used to >>>> establish the ssession? >> >>> No. That would be the last certificate in the chain. >> >> But the documentation says: >> >> Get the peer's raw certificate (chain) as sent by the peer. These >> certificates are in raw format (DER encoded for X.509). In case of >> a X.509 then a certificate list may be present. The first >> certificate in the list is the peer's certificate, following the >> issuer's certificate, then the issuer's issuer etc. >> So which one is correct? 8-) > > The documentation is correct. Did I really say the thing above? :)
Yes, but that was a long time ago. 8-) Thanks for the clarification. -- Florian Weimer <[email protected]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
