Re: How to check if certificate is a EV-SSL certificate?

Mon, 12 May 2014 09:56:26 -0700 

> I'm building an iOS application and trying to check if a certificate,
that a https-connection uses, is a EV certificate.

Why?

Wikipedia notes "The primary way to identify an EV certificate is by
referencing the Certificate Policies extension field. Each issuer uses a
different object identifier (OID) in this field to identify their EV
certificates, and each OID is documented in the issuer's Certification
Practice Statement. As with root certificate authorities in general,
browsers may not recognize all issuers. "  It would seem to be a table
lookup issue.
--
                                                
 Dr. Robert "Woody"     GBS Cybersecurity &     
 Weaver                 Privacy                 
                                                
 IT Security Architect  Cell: 301-524-8138      
                                                

--
It has been said that man is a rational animal. All my life I have
been searching for evidence which could support this.
-- Bertrand Russell


                                                                           
             Steve Behrendt                                                
             <steve.behrendt@n                                             
             etlight.com>                                               To 
             Sent by:                  "openssl-users@openssl.org"         
             owner-openssl-use         <openssl-users@openssl.org>         
             r...@openssl.org                                             cc 
                                                                           
                                                                   Subject 
             05/12/2014 10:59          How to check if certificate is a    
             AM                        EV-SSL certificate?                 
                                                                           
                                                                           
             Please respond to                                             
             openssl-users@ope                                             
                 nssl.org                                                  
                                                                           
                                                                           




Hi everyone,

I'm building an iOS application and trying to check if a certificate, that
a https-connection uses, is a EV certificate.

Does the OpenSSL-libary have a method that gives me that information, if a
given certificate is a EV certificate?


I found the method
X509_get_ext_d2i(certificateX509, NID_certificate_policies, NULL, NULL)
​which returns some data depending of the NID provided. Since it is a
void-pointer, I don't know, which data type it returns.

Thanks heaps!
Steve

Steve Behrendt

steve.behre...@netlight.com
Netlight Consulting GmbH www.netlight.de
Residenzstr. 7, 80333 München
Mobile +49 160 4729799
Amtsgericht München, HRB 189944
Umsatzsteuer-Identifikation: DE276206820
Geschäftsführer: Felix Sprick
Please consider the environment before printing this email.
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from any
computer.

Reply via email to