On Tue, Aug 31, 2010 at 2:13 PM, David Woodhouse <dw...@infradead.org> wrote:
In my VPN client I'd like to warn the user when their certificate is almost out of date. Is there a way to get the client certificate from the SSL_CTX after the client cert has been loaded?
Apparently not directly. You can, though, create a new SSL structure from the SSL_CTX, and then use X509 *SSL_get_certificate(SSL *) to get the X509 object. (X509 *SSL_get_peer_certificate(SSL *) is what you use when you want to get the X509 object which contains the certificate that the site you connected to authenticated to you with.) No, SSL_get_certificate is not documented. I just found it looking in the header files. -Kyle H
smime.p7s
Description: S/MIME Cryptographic Signature
