Prasanth Madhavan
Reputation: 13309
x509 certificate subject alternative name
When using the x509 certificate in c++ obtained using the function SSL_get_peer_certificate, which function should be used to handle the subject alternative name field of the certificate? Some certificates dont have multiple CN's but have multiple subject alternative name. How should that be handled?
I was able to get the x509_EXTENSIONS struture.
typedef struct X509_extension_st
{
ASN1_OBJECT *object;
ASN1_BOOLEAN critical;
ASN1_OCTET_STRING *value;
} X509_EXTENSION;
What is the difference between the object and the value pointers?
Upvotes: 0
Views: 1542
Answers (1)
Jay
Reputation: 24895
I guess in some of recent versions of OpenSSL, the X509_st (of which type the peer cert is) contains a field STACK_OF(GENERAL_NAME) *altname. If you are able to access it, it should solve your problem.
Upvotes: 1
Related Questions
- OpenSSL Certificate (Version 3) with Subject Alternative Name
- Subject Alternative Name not present in certificate
- How to add subject alternative name to ssl certs?
- Open SSL generate x509 self signed certificate with Friendly Name
- How to display the Subject Alternative Name of a certificate?
- Specify Subject Alternative Name when generating a self signed certificate
- conversion of subject name into x509_name format
- How do you add a subjectNameAlt extension to X509_REQ?
- Adding a DN subject alternative name extension in an X509 certificate using openssl
- Certificate Friendly Name