Same problem. I wanted to know where is stocked the Server certificate during the SSL/TLS communication. For example I have my client who connect to a web service using SSL/TLS. I wanted that my client get the certificate used by the server to get his name.
Is it possible? Thanks, Maxime. 2008/6/14 Kah Goh <[EMAIL PROTECTED]>: > Hi, > > I had a look at X509_STORE_CTX_init and I agree that it looks like it might > cause seg fault, although I think it is unlikely. But first, may I ask, what > makes you think it comes from X509_STORE_CTX_init? Was it from a core dump? > It is possible for X509_get _issuer_name to cause segmentation fault as > well. > > Other comments: > > - Use SSL_CTX_get_cert_store(ctx) to get the X509_STORE from SSL_CTX > instead. > - X509_name_oneline is discouraged, according to the documentation. > This is a minor thing though... > > --- Kah > > 2008/6/13 BRACHET Maxime <[EMAIL PROTECTED]>: > > Hi, >> >> Yes, I tried something like this : >> >> char data[256]; >> SSL_CTX *context = (&soap)->ctx; >> X509_STORE *store = context->cert_store; >> X509_STORE_CTX xs_ctx; >> X509_STORE_CTX_init(&xs_ctx,store,NULL,NULL); >> X509 *cert = X509_STORE_CTX_get_current_cert(&xs_ctx); >> fprintf(stderr, "SSL verify error or warning with certificate at depth >> %d: %s\n", X509_STORE_CTX_get_error_depth(&xs_ctx), >> X509_verify_cert_error_string(X509_STORE_CTX_get_error(&xs_ctx))); >> X509_NAME_oneline(X509_get_issuer_name(cert), data, sizeof(data)); >> >> but It give me a segmentation fault error. >> I think it come from that the X509_STORE_CTX_init take in parameter a X509 >> certificate, the one I want to get . >> >> any other idea ? >> >> Thanks, >> Maxime. >> >> 2008/6/13 Klarth <[EMAIL PROTECTED]>: >> >>> Hi >>> >>> I think you want to use X509_STORE_CTX_init to put the X509_STORE in >>> X509_STORE_CTX. >>> --- Kah >>> >>> On Jun 13, 3:36 pm, [EMAIL PROTECTED] ("BRACHET Maxime") wrote: >>> > Hi, >>> > >>> > I am using gSOAP which use openssl. >>> > I establish a connexion to a server using TLS, and I wanted to get the >>> Name >>> > of the Server certificate. >>> > I can access to a X509_STORE trough ctx->cert_store. >>> > But I don't find how to get the Server certificate. >>> > >>> > I found the X509_STORE_CTX_get_current_cert(store) method, but to use >>> it I >>> > need a X509_STORE_CTX. >>> > Is it possible to get a X509_STORE_CTX from a X509_STORE ? >>> > >>> > Thanks in advance. >>> > >>> > Regards, >>> > Maixme >>> >> >> >