Thanks Steve,
this is what I came up with yesterday... (untested as yet)
I'll put that X509_get1_email() trick into it.
Thanks again for your reply...
void dumpCertificate(X509 *cert, char *fileName)
{
char buf[1024];
int ret;
X509_NAME *subj = X509_get_subject_name(cert);
X509_NAME *issuer = X509_get_issuer_name(cert);
FILE *fp;
fp = fopen(fileName,"w");
if (!fp) return;
/* check expiry dates */
if (X509_cmp_current_time(X509_get_notBefore(cert)) >= 0) {
fprintf(fp, "DateValid: false, Certificate date not yet valid");
}
else if (X509_cmp_current_time(X509_get_notAfter(cert)) <= 0) {
fprintf(fp, "DateValid: false, Certificate date expired");
}
else
fprintf(fp, "DateValid: true");
/* Subject commonName */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_commonName, buf, 1024);
fprintf(fp, "Subject.CommonName: %s",(ret < 1)?"":buf);
/* Subject Organization name */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_organizationName, buf, 1024);
fprintf(fp, "Subject.OrganizationName: %s",(ret < 1)?"":buf);
/* Subject Email Address */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_pkcs9_emailAddress, buf, 1024);
fprintf(fp, "Subject.Email: %s",(ret < 1)?"":buf);
/* Issuer Organization name */
ret = X509_NAME_get_text_by_NID(X509_get_issuer_name(cert),
NID_organizationName, buf, 1024);
fprintf(fp, "Issuer.Email: %s",(ret < 1)?"":buf);
fclose(fp);
}
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Phillip J Whillier.
Senior software engineer
Ruling Software
[EMAIL PROTECTED];[EMAIL PROTECTED]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
