On Wed, Nov 21, 2001 at 06:17:21PM +0530, Krishnaswamy R. wrote:
Iam using a certificate verification callback function as follows
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, cert_verify_cb);
In the callback function, in addition to the standard certificate
verification done by OpenSSL, i need to check the subject-name
of the peer certificate.
Since the callback function is called for every certificate in the
certificate chain, from the parameter X509_STORE_CTX *,
how do I know if the current certificate is the peer certificiate?
man SSL_CTX_set_verify:
The depth count is level 0:peer certificate, level 1: CA
certificate, level 2: higher level CA certificate, and so on.
with
depth = X509_STORE_CTX_get_error_depth(ctx);
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]