No, technically not. I am just searching for a simple method just to check a certificate is signed by CA or not. Because. Something like signing check, I am not quite sure, I do not have proper knowledge on Openssl. d3x0r wrote > https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538 > this routine does cert validation but I don't thkn that's what you want > > this verified on a connection.... > https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274 > > which boils down to.... > SSL_get_peer_certificate , SSL_get_verify_result > > On Thu, May 3, 2018 at 12:06 AM, Anil kumar Reddy < > morthalaanilreddy@ >> wrote: > >> Hi everyone, >> >> I am new to opennssl and now I am completely confused. Please help me out >> to solve my issue. >> >> I have implemented a code to sign the given CSR certificate >> (certReq.pem), >> then generate openssl signed Certificate (SignedCertificate.pem) using >> the >> details of certReq,pem. The code is like self signing, but I have added >> new >> functions to enter additional issuer details. Now I have two private keys >> one from CA, another from CSR, one CSR (certReq.pem) and Signed >> Certificate >> (SignedCertificate.pem). In SignedCertificate.pem, the subject details >> and >> the issuer details are different. There is no problem with codes. >> >> The issue is: >> I am unable to find out the exact command lines or c/c++ program >> functions >> to prove the SignedCertificate.pem is signed or not. I have spent more >> than >> one day on researching, but I am end up with confusion. I do not have any >> digital certificate chain. >> >> >> Could anyone kindly provide any information regarding this. >> >> Thanks in advance, >> >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> >> > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users d3x0r wrote > https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538 > this routine does cert validation but I don't thkn that's what you want > > this verified on a connection.... > https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274 > > which boils down to.... > SSL_get_peer_certificate , SSL_get_verify_result > > On Thu, May 3, 2018 at 12:06 AM, Anil kumar Reddy < > morthalaanilreddy@ >> wrote: > >> Hi everyone, >> >> I am new to opennssl and now I am completely confused. Please help me out >> to solve my issue. >> >> I have implemented a code to sign the given CSR certificate >> (certReq.pem), >> then generate openssl signed Certificate (SignedCertificate.pem) using >> the >> details of certReq,pem. The code is like self signing, but I have added >> new >> functions to enter additional issuer details. Now I have two private keys >> one from CA, another from CSR, one CSR (certReq.pem) and Signed >> Certificate >> (SignedCertificate.pem). In SignedCertificate.pem, the subject details >> and >> the issuer details are different. There is no problem with codes. >> >> The issue is: >> I am unable to find out the exact command lines or c/c++ program >> functions >> to prove the SignedCertificate.pem is signed or not. I have spent more >> than >> one day on researching, but I am end up with confusion. I do not have any >> digital certificate chain. >> >> >> Could anyone kindly provide any information regarding this. >> >> Thanks in advance, >> >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> >> > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users d3x0r wrote > https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538 > this routine does cert validation but I don't thkn that's what you want > > this verified on a connection.... > https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274 > > which boils down to.... > SSL_get_peer_certificate , SSL_get_verify_result > > On Thu, May 3, 2018 at 12:06 AM, Anil kumar Reddy < > morthalaanilreddy@ >> wrote: > >> Hi everyone, >> >> I am new to opennssl and now I am completely confused. Please help me out >> to solve my issue. >> >> I have implemented a code to sign the given CSR certificate >> (certReq.pem), >> then generate openssl signed Certificate (SignedCertificate.pem) using >> the >> details of certReq,pem. The code is like self signing, but I have added >> new >> functions to enter additional issuer details. Now I have two private keys >> one from CA, another from CSR, one CSR (certReq.pem) and Signed >> Certificate >> (SignedCertificate.pem). In SignedCertificate.pem, the subject details >> and >> the issuer details are different. There is no problem with codes. >> >> The issue is: >> I am unable to find out the exact command lines or c/c++ program >> functions >> to prove the SignedCertificate.pem is signed or not. I have spent more >> than >> one day on researching, but I am end up with confusion. I do not have any >> digital certificate chain. >> >> >> Could anyone kindly provide any information regarding this. >> >> Thanks in advance, >> >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> >> > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
