Reputation: 13347
Get the error string in Openssl certificate error
In openssl, I can get the errorno for the certificate from using the code :
if(SSL_get_peer_certificate(ssl) != NULL){
if((error = SSL_get_verify_result(ssl)) != X509_V_OK){
std::cout << "error no = " << error << std::endl;
}
}
But if I try to get the error string from this error like this:
std::string temp = ERR_error_string(SSL_get_verify_result(ssl), NULL) ;
all i get is:
error:00000013:lib(0):func(0):reason(19)
Is there any way to get the exact reason here? I have loaded the error strings using this code:
SSL_load_error_strings();
But still i dont get the exact reason. And if i try to use
std::string a = ERR_reason_error_string(19);, The program crashes. What am I doing wrong?
Upvotes: 1
Views: 5619
Answers (1)
Reputation: 24905
Please use the function X509_verify_cert_error_string to get errors related to Verification of Certificates in OpenSSL. ERR_error_string gives error strings for other SSL lib related errors not for the certificate verification failure specific errors.
As for the crash, there is no reason code mapping to the value 19. All SSL error reason codes start from 100. So, ERR_reason_error_string must be returning NULL which is causing your code to crash.
Upvotes: 2
Related Questions
- How to get the error string in openssl?
- How to get the CA Certificate Used to Validate Client Certificate programmatically
- How to convert an X509 certificate to a public key string in C++?
- Get Issuer certificate from certificate by OpenSSL C++
- Openssl X509 cert get string human readable
- Print an x509 certificate c++
- Reading and Verifying Certificates
- How to get PEM encoded X509 certificate as C++ string using openssl?
- How to use X509_verify()
- how can i verify the self signed certificate using openssl library in C++?