On Thu, Jul 11, 2002 at 07:12:30AM -0700, Patrick Powell wrote:
> Question 1:
>
> Is there a simple way using exported (i.e. - available
> to general use via the openssl library and having definitions
> in openssl.h) OpenSSL functions to do the following:
>
> During the SSL connection process, if a user CERT has
> been presented, get the cert chain?
SSL_get_peer_cert_chain().
> Question 2:
> Now I just KNOW that I saw this, and everybody is going to laugh at this,
> but:
>
> If I have found a CERT using, say, peer = SSL_get_peer_certificate(ssl)
> as in the example above, and I have a list of CERTS in a file or
> directory (i.e. - as for the CA cert, etc), how can I check to see
> if the peer cert (in the example) is in this list or directory?
>
> I just KNOW that I saw this in some SSL or related code, but I cannot
> remember the exact details and searching has not found it again.
OpenSSL itself uses hashes for comparison. If the hashes are identical,
so are the certificates.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
