[openssl-users] (Probably) Silly Application Programming Question

Michel michel.sales at free.fr
Wed Jan 13 12:50:54 UTC 2016


Hi Karl,

 

I believe it could be helpful to have a look at the 509_check_host() and do_x509_check() source code in crypto\x509v3\v3_utl.c.

Also, if you want to parse the SAN just for certificate validation, it is now easier to use :

https://www.openssl.org/docs/manmaster/crypto/X509_VERIFY_PARAM_set_flags.html

 

Hope this helps,

 

Regards,

 

Michel.

 

De : openssl-users [mailto:openssl-users-bounces at openssl.org] De la part de Karl Denninger
Envoyé : lundi 11 janvier 2016 04:08
À : openssl-users at openssl.org
Objet : Re: [openssl-users] (Probably) Silly Application Programming Question

 

Yeah, now I just have to figure out how to parse the X509 Extension data from the certificate to pull out the SubjectAltName information.... :-)

There wouldn't be a snippet of code laying around somewhere that does that given a X509 cert as input would there?  It looks a bit arcane....

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160113/5b542f10/attachment-0001.html>


More information about the openssl-users mailing list