[openssl-users] How to prove a Certificate is Signed or not

J Decker d3ck0r at gmail.com
Thu May 3 08:56:37 UTC 2018


Or using the javascript interface

https://www.npmjs.com/package/sack.vfs#interface

https://github.com/d3x0r/sack.vfs/blob/master/tests/tlsTest.js#L28

if( vfs.TLS.validate( {cert:signedCert3, chain:signedCert2+cert} ) )
    console.log( "Chain is valid." );

On Thu, May 3, 2018 at 12:36 AM, J Decker <d3ck0r at gmail.com> wrote:

> https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538
> this routine does cert validation but I don't thkn that's what you want
>
> this verified on a connection.... https://github.
> com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274
>
> which boils down to....
> SSL_get_peer_certificate ,  SSL_get_verify_result
>
> On Thu, May 3, 2018 at 12:06 AM, Anil kumar Reddy <
> morthalaanilreddy at gmail.com> wrote:
>
>> Hi everyone,
>>
>> I am new to opennssl and now I am completely confused. Please help me out
>> to solve my issue.
>>
>> I have implemented a code to sign the given CSR certificate
>> (certReq.pem), then generate openssl signed Certificate
>> (SignedCertificate.pem) using the details of certReq,pem. The code is like
>> self signing, but I have added new functions to enter additional issuer
>> details. Now I have two private keys one from CA, another from CSR, one CSR
>> (certReq.pem) and Signed Certificate (SignedCertificate.pem). In
>> SignedCertificate.pem, the subject details and the issuer details are
>> different. There is no problem with codes.
>>
>> The issue is:
>> I am unable to find out the exact command lines or c/c++ program
>> functions to prove the SignedCertificate.pem is signed or not. I have spent
>> more than one day on researching, but I am end up with confusion. I do not
>> have any digital certificate chain.
>>
>>
>> Could anyone kindly provide any information regarding this.
>>
>> Thanks in advance,
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180503/b2f18c66/attachment-0001.html>


More information about the openssl-users mailing list