You can check for the Authority Key Identifier and in that the certificate serial number of the issuer.
regards
krishna
On 11/2/06, Bin Lu <[EMAIL PROTECTED]> wrote:
Hi there,
I have 2 certificates in X509 and I want to verify if one cert is the
issuer of the other, not using the (issuer)name comparison. What is
the APIshould I use to verify the signature ? I tried the following but it
doesn't work:
X509 *cert, *issuer;
....
int result = X509_verify(cert, X509_get_pubkey(issuer));
It always returns -1 even when "cert" is issued by "issuer".
Appreciate any input.
-wenwu
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
