Hi Brahmaji,
what you mean by 'sorting' a cert chain - making sure they are in
the order of issuance, starting from a given target cert,
possibly assuming that the given list/set of certs is already
known to be complete w.r.t. the given target cert and some trust
anchor?
What likely comes very close to what you asked for is the
function X509_build_chain() added
in https://github.com/openssl/openssl/pull/14128.
You can call it, e.g., like this:
chain = X509_build_chain(target_cert, candidate_certs, NULL /*
truststore */, 1, NULL, NULL);
See https://www.openssl.org/docs/manmaster/man3/X509_build_chain.html
for its man page.
David
On 09.10.23 08:51, Brahmaji K wrote:
Hi Team,
Could you please help provide Openssl APIs (or list of APIs) to be used to sort the certificates used in the certificate chain?
