[openssl-users] How to retrieve the commonName / Alt-Name (DNS-Name) from a .crt file

Serj Rakitov rasjv at yandex.com
Tue Feb 17 19:56:13 UTC 2015

Hi, Christian 

17.02.2015, 12:55, "Christian Parpart" <trapni at gmail.com>:
> I am rather new to OpenSSL development, but I'd like to integrate SSL
> communication in my little HTTP server.
> While this one is working so far, for SNI I actually need to read out the
> server certificates DNS name extenion and commonName subject.

How to get CN and "subject alternative names" from cert you can see this wiki page: http://wiki.openssl.org/index.php/Hostname_validation

> But how do I come from the SSL_CTX to my X509 struct, or how to I do it else?

1. SSL_CTX_set_verify() or SSL_set_verify(),  then in callback  X509_STORE_CTX_get_current_cert()
2. SSL_get_peer_certificate()

Best Regards,

Serj Rakitov

More information about the openssl-users mailing list