Re: how to load certificates into a share memory

Mon, 07 Mar 2011 09:25:46 -0800 

Hi,
for 2) it is OK
for 1) I do not understand ...
-- I 'd like to retrieve x509 certificate and store it into a X509 object. I
do not want to converts ANSO DER strings to X509 objects for the moment.
   I want something like this :
             x509* cert;
             cert =
SSL_get_certificate(/home/me/mywork/certificates/server_cert.pem);

-- what did you mean with "you can reference the source code..." ,
"...reference the SSL_use_certificate_file( ) ..." ?
I 'd like to load certificate apart from Handshake process.
Thanks.


2011/2/7 Aro RANAIVONDRAMBOLA <razuk...@gmail.com>

> Thanks,
> I 'd like to know also if there is a way to duplicate certificate issued
> from handshake. In fact, I 'd like to store client certificate in my cache
> and use it later. ( => send it to another client ).
>
> 2011/2/7 lzyzizi <lzyz...@126.com>
>
> 1)All X509 operations are in the x509 module(folder).You may see the x509.h
>> for more details.To load a X509 object , you can use d2i_X509 which converts
>> the ANSI DER strings to X509 object(you can see the openssl doc for more
>> function details).
>> Also,you can reference the source code in ssl folder.I recommend you to
>> reference the "int SSL_use_certificate_file(SSL *ssl, const char *file, int
>> type)" function's  implementation,which will tell you how to load a x509.
>>
>> 2)To get the information from the X509 object, you should see the x509.h.
>> To get  "CN ,OU..." , you can use "X509_NAME *
>> X509_get_issuer_name(X509 *a);" or "X509_NAME *
>> X509_get_subject_name(X509 *a);"
>> To get a serial number , you can use "ASN1_INTEGER *
>> X509_get_serialNumber(X509 *x);"
>>
>>
>> At 2011-02-07 04:08:30,"Aro RANAIVONDRAMBOLA" <razuk...@gmail.com> wrote:
>>
>> Hello,
>> I work with C++ language. I'd like to create a class named "certificate"
>> in which I 'll have a X509 object  and fonctions member like
>> verify_certificate.
>> 1) I would like to know how to load X509 certificate object, I do not see
>> any fonction in the API which can do it ( out of handshake fonctions ).
>> 2) Then How to parse this X509 certificate ( in pem format for example ).
>> I must retrieve "serial number", "cn" etc ...
>> Thanks for your help
>>
>>
>>
>>
>

Reply via email to