Can I use the openssl lib to find my server certificate in a buffer containing a certificate chain

Issue

My C program receives a certificate chain from a server and stores it in a buffer (certs in DER format). Is it possible to find out where the leaf certificate is stored within this buffer and the length of it by using the openssl library?

I need this information to be able to calculate a checksum based only on the contents of the leaf certificate. Parsing certificate chains seems like a common task, so I suppose there should be support for it by the openssl library.

Solution

The solution to my question was to parse the buffer using d2i_x509() to find each certificate.

Answered By – Bugsy

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published