I think what you want might be found in the book "Network Security with OpenSSL" from the year 2002, and the same code snippit can be found here: http://www.cs.odu.edu/~cs772/ssl/c-examples/NSopenssl/common.c look for "post_connection_check". This is just something I remember from reading. I have no experience with it. On Sun, Jan 10, 2016 at 7:07 PM, Karl Denninger <karl at denninger.net> wrote: > Yeah, now I just have to figure out how to parse the X509 Extension data > from the certificate to pull out the SubjectAltName information.... :-) > > There wouldn't be a snippet of code laying around somewhere that does that > given a X509 cert as input would there? It looks a bit arcane.... > > On 1/10/2016 21:04, Judson Wilson wrote: > > It's always good to start with the s_client and s_server programs for > incrementally verifying compatibility in your new programs. Those would > have failed on your certificates, alerting you it's not a program problem. > > <https://mta.openssl.org/mailman/listinfo/openssl-users> >> >> > > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > -- > Karl Denninger > karl at denninger.net > *The Market Ticker* > *[S/MIME encrypted email preferred]* > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160110/57fe2da0/attachment.html>
