Reputation: 481
Verifying the issuer of digital certificate?
I am developing an application in C++. Here i am performing some encryption and decryption using the digital certificates. My objective is that a user with an valid digital certificate should only be allow to proceed. Here a valid digital certificate means the one issued by CA(certificate authority). Now for example we can create our own digital certificate like this. My objective is to verify the issuer of the digital certificate and check the validity based on the issuer.
What i need here is the exact CryptoAPI to perform above operation? If you have any other suggestion to achieve the above mentioned objective then i would be very grateful.
Thanks in advance for you help.
Upvotes: 1
Views: 927
Answers (1)
Reputation: 1163
The CA will supply its root certificate which will provide the trust for your user certificate. You will build a chain to your root certificate to achieve this. Refer to Certificate Chain Verification Functions
You will also find other relevant functions that will allow you to validate the certificate itself using either CRL/OCSP.
If you are not familiar with cryptoAPI, a good starting will be to go through this book, Performing X.509 Certificate Verification with CryptoAPI
Upvotes: 5
Related Questions
- Validate digital signature with a self-signed certificate
- How do I validate that a certificate was created by a particular certification authority?
- C# - Obtaining Digital Certificates from VeriSign and Verifying Authenticity
- Something confusing about digital certificates
- Verifying a certificate
- Verify that a certificate belongs to a given user
- how to prove that one certificate is issuer of another certificates
- Who verify certificate in openSSL
- Certificate Signing
- How do digital certificates prove the identity of a device?