Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

programmatically convert an x509 certificate into human readable format using openssl api

Tags:

c

openssl

x509

In my C based openssl client I am able to make a an ssl connection to a ssl server, and retrieve the ssl certificates presented by the server using

X509* cert = SSL_get_peer_certificate( SSL *ssl);

Now I want to convert the contents of this X509 certificate in human readable form. Yes I could have simply displayed on console using:

X509_print(stdout,cert);

but I don't want to print it just like that. I want to capture the cert contents into some char buffer, so that I may process it further, before I display it the way I choose to.

Googled as much as I could, remained clueless.

Any hacks around who can help me with that? Thanks in advance.

like image 606
mdk Avatar asked Jul 04 '26 10:07

mdk


1 Answers

Once you have X.509 cert, you can use various X509 functions such X509_get_version, X509_get_notBefore, X509_get_notAfter, X509_get_subject_name etc. You can look x509.h here.

In some cases, like X509_get_subject_name, you will X509_NAME. On X509_NAME, you can use X509_NAME_get_text_by_NID to extract fields such as Common name (by using NID_commonName), Organization etc.

It depends on all what information you want to display. There is no hack. It is just programming. If you need more information, I can post code example also. But I believe that this must be sufficient to get started.

like image 153
doptimusprime Avatar answered Jul 06 '26 03:07

doptimusprime



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!