[openssl-users] How to prove a Certificate is Signed or not
Salz, Rich
rsalz at akamai.com
Thu May 3 12:45:35 UTC 2018
> After the generation of SignedCertificate.pem. I would like to write
function to verify the SignedCertificate.pem, whether it is signed or not.
That is still not an accurate description. By definition, a certificate is *signed data.* It appears as a bitstring in the X509 data structure.
Is this want you want to do? You have a certificate, and a CA key or certificate. You want to know if the CA's public key generated the signature that is in the certificate that you have. Look at the X509_verify function. You will need to take your CA cert (or key) and make a key object, but start with that first manpage and follow the references.
More information about the openssl-users
mailing list