See openssl/crypto/x509/x509_vfy.c for reference. There are functions as X509_verfy_cert and internal_verify just doing the same job as u wanted to do. Hazel --- Krishnam Raju <[EMAIL PROTECTED]> wrote: > Hi, > I also hv posted a similar question. After getting > the issuers name frm the > cert. u hv recvd u hv to read that issuers cert( CAs > cert) and after this u > hv to verify various fields. > I belive there will be some api for doing this. i am > looking for that. > regds > Krishnam Raju > > Brajesh Tiwari wrote: > > > Hi: > > > > I am writing a SSL client using openSSL. The > > client talks to a Netscape secured web server. I > am > > able to get the certificate from the web server. > From > > the certificate, using > > > > X509_get_subject_name() > > and > > X509_get_issuer_name() > > > > I am able to get subject (certificate sender's) > and > > issuer's (certificate issuer's) details. > > > > My question is what exactly should I do, and how, > to verify/authenticate > > the certificate sent to me so that I know that > they are from the > > correct web server. > > > > Thanks. > > Brajesh > > > ______________________________________________________________________ > > OpenSSL Project > http://www.openssl.org > > Development Mailing List > [EMAIL PROTECTED] > > Automated List Manager > [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > Development Mailing List > [EMAIL PROTECTED] > Automated List Manager > [EMAIL PROTECTED] > __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
