[openssl-users] Help finding replacement for ASN1_seq_unpack_X509

[Salz, Rich]

> Would it be acceptable to just iterate the stack elements, passing each X509
> through i2d_X509 and appending the results -- would that generate valid
> DER?

Maybe.  It depends on what the receiver is expecting.  If it's willing to read a set of certs until it hits EOF (or equivalent) that's fine.  But if you're sending a SEQUENCE OF certificates then you need to wrap it in an ASN1/DER container. For example, Netscape Cert Sequence

Can you post a code snippet?