X509_NAME_print_ex(3) OpenSSL X509_NAME_print_ex(3)
X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, X509_NAME_oneline - X509_NAME
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
X509_NAME_print_ex() prints a human readable version of nm to BIO out. Each line (for mul-
tiline formats) is indented by indent spaces. The output format can be extensively cus-
tomised by use of the flags parameter.
X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is written
to FILE pointer fp.
X509_NAME_oneline() prints an ASCII version of a to buf. At most size bytes will be writ-
ten. If buf is NULL then a buffer is dynamically allocated and returned, otherwise buf is
X509_NAME_print() prints out name to bp indenting each line by obase characters. Multiple
lines are used if the output (including indent) exceeds 80 characters.
The functions X509_NAME_oneline() and X509_NAME_print() are legacy functions which produce
a non standard output form, they don't handle multi character fields and have various
quirks and inconsistencies. Their use is strongly discouraged in new applications.
Although there are a large number of possible flags for most purposes XN_FLAG_ONELINE,
XN_FLAG_MULTILINE or XN_FLAG_RFC2253 will suffice. As noted on the
ASN1_STRING_print_ex(3) manual page for UTF8 terminals the ASN1_STRFLAGS_ESC_MSB should be
unset: so for example XN_FLAG_ONELINE & ~ASN1_STRFLAGS_ESC_MSB would be used.
The complete set of the flags supported by X509_NAME_print_ex() is listed below.
Several options can be ored together.
The options XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_SPLUS_SPC and
XN_FLAG_SEP_MULTILINE determine the field separators to use. Two distinct separators are
used between distinct RelativeDistinguishedName components and separate values in the same
RDN for a multi-valued RDN. Multi-valued RDNs are currently very rare so the second sepa-
rator will hardly ever be used.
XN_FLAG_SEP_COMMA_PLUS uses comma and plus as separators. XN_FLAG_SEP_CPLUS_SPC uses comma
and plus with spaces: this is more readable that plain comma and plus.
XN_FLAG_SEP_SPLUS_SPC uses spaced semicolon and plus. XN_FLAG_SEP_MULTILINE uses spaced
newline and plus respectively.
If XN_FLAG_DN_REV is set the whole DN is printed in reversed order.
The fields XN_FLAG_FN_SN, XN_FLAG_FN_LN, XN_FLAG_FN_OID, XN_FLAG_FN_NONE determine how a
field name is displayed. It will use the short name (e.g. CN) the long name (e.g. common-
Name) always use OID numerical form (normally OIDs are only used if the field name is not
recognised) and no field name respectively.
If XN_FLAG_SPC_EQ is set then spaces will be placed around the '=' character separating
field names and values.
If XN_FLAG_DUMP_UNKNOWN_FIELDS is set then the encoding of unknown fields is printed
instead of the values.
If XN_FLAG_FN_ALIGN is set then field names are padded to 20 characters: this is only of
use for multiline format.
Additionally all the options supported by ASN1_STRING_print_ex() can be used to control
how each field value is displayed.
In addition a number options can be set for commonly used formats.
XN_FLAG_RFC2253 sets options which produce an output compatible with RFC2253 it is equiva-
ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN |
XN_FLAG_ONELINE is a more readable one line format it is the same as:
ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ |
XN_FLAG_MULTILINE is a multiline format is is the same as:
ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ |
XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN
XN_FLAG_COMPAT uses a format identical to X509_NAME_print(): in fact it calls
0.9.7d 2003-11-20 X509_NAME_print_ex(3)