> On May 3, 2018, at 3:06 AM, Anil kumar Reddy <morthalaanilreddy@xxxxxxxxx> wrote: > > The issue is: > I am unable to find out the exact command lines or c/c++ program functions to prove the SignedCertificate.pem is signed or not. I have spent more than one day on researching, but I am end up with confusion. I do not have any digital certificate chain. To verify the signature on a single certificate using a known issuer public key you call: X509_verify(X509 *cert, EVP_PKEY *pkey) with return values <= 0 indicating failure. To verify a certificate chain against a set of trust anchors you call: X509_verify_cert(X509_STORE_CTX *ctx) where "ctx" is populated with the certificate chain, trust anchors, CRLs, verification parameters, including some types of subject names to check... This is what most applications use to check that something is signed by a trusted certificate with the right identity and purpose. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
