[openssl-users] (Probably) Silly Application Programming Question

Michel michel.sales at free.fr
Wed Jan 13 12:50:54 UTC 2016

Hi Karl,


I believe it could be helpful to have a look at the 509_check_host() and do_x509_check() source code in crypto\x509v3\v3_utl.c.

Also, if you want to parse the SAN just for certificate validation, it is now easier to use :



Hope this helps,






De : openssl-users [mailto:openssl-users-bounces at openssl.org] De la part de Karl Denninger
Envoyé : lundi 11 janvier 2016 04:08
À : openssl-users at openssl.org
Objet : Re: [openssl-users] (Probably) Silly Application Programming Question


Yeah, now I just have to figure out how to parse the X509 Extension data from the certificate to pull out the SubjectAltName information.... :-)

There wouldn't be a snippet of code laying around somewhere that does that given a X509 cert as input would there?  It looks a bit arcane....


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160113/5b542f10/attachment-0001.html>

More information about the openssl-users mailing list