This worked...
Thank you very much...
-P>
On 09/08/2010 02:27 PM, Dr. Stephen Henson wrote:
On Tue, Sep 07, 2010, Paul Douglas wrote:
Hi Everyone,
I'm trying to figure out the required openssl c library calls to
check/verify if a certificate
supports Web Server Authentication.
From the command line it looks like I could use
openssl x509 -purpose -in ./certificate -noout
and then check for:
SSL server : Yes
I'd like to perform a similar verification from my application.
I've been searching for examples that indicate how to do this, but so far I
haven't
been able to find any.
You can duplicate that functionality with the function X509_check_purpose().
In that case:
rv = X509_check_purpose(cert, X509_PURPOSE_SSL_SERVER, 0);
Should do the trick.
If the return value is 1 it can be used if 0 it can't. Any other positive
value indicates it is tolerated but not strictly according to standard.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
