ne_ssl_certificate(3) [redhat man page]
NE_SSL_CERTIFICATE(3) neon API reference NE_SSL_CERTIFICATE(3) NAME
ne_ssl_certificate, ne_ssl_dname - structures representing SSL certificates SYNOPSIS
#include <ne_session.h> /* A simplified X.509 distinguished name. */ typedef struct { const char *country, *state, *locality, *organization; const char *organizationalUnit; const char *commonName; } ne_ssl_dname; /* A simplified SSL certificate. */ typedef struct { const ne_ssl_dname *subject, *issuer; const char *from, *until; } ne_ssl_certificate; DESCRIPTION
The ne_ssl_dname structure is used to represent a simplified X.509 distinguished name, as used in SSL certificates; a distinguished name is used to uniquely identify an entity. Along with the fields giving the geographical and organizational location of the entity, the common- Name field will be assigned the DNS hostname of the entity. The ne_ssl_readable_dname function can be used to create a single-line string out of an ne_ssl_dname structure. The ne_ssl_certificate structure is used to represent a simplified SSL certificate; containing the distinguished names of the issuer and subject of the certificate. The issuer is the entity which has digitally signed the certificate to guarantee its authenticity; the subject is the owner of the certificate. A certificate is only valid for a certain period of time: the from and until contain strings giving the validity period. SEE ALSO
ne_ssl_dname(3), ne_ssl_set_verify(3) AUTHOR
Joe Orton <neon@webdav.org>. neon 0.23.5 8 October 2002 NE_SSL_CERTIFICATE(3)
Check Out this Related Man Page
NE_SSL_CERT_IDENTITY(3) neon API reference NE_SSL_CERT_IDENTITY(3) NAME
ne_ssl_cert_identity, ne_ssl_cert_signedby, ne_ssl_cert_issuer, ne_ssl_cert_subject - functions to access certificate properties SYNOPSIS
#include <ne_ssl.h> const char *ne_ssl_cert_identity(const ne_ssl_certificate *cert); const ne_ssl_certificate *ne_ssl_cert_signedby(const ne_ssl_certificate *cert); const ne_ssl_dname *ne_ssl_cert_subject(const ne_ssl_certificate *cert); const ne_ssl_dname *ne_ssl_cert_issuer(const ne_ssl_certificate *cert); DESCRIPTION
The function ne_ssl_cert_identity retrieves the "identity" of a certificate; for an SSL server certificate, this will be the hostname for which the certificate was issued. In PKI parlance, the identity is the common name attribute of the distinguished name of the certificate subject. The functions ne_ssl_cert_subject and ne_ssl_cert_issuer can be used to access the objects representing the distinguished name of the subject and of the issuer of a certificate, respectively. If a certificate object is part of a certificate chain, then ne_ssl_cert_signedby can be used to find the certificate which signed a particular certificate. For a self-signed certificate or a certificate for which the full chain is not available, this function will return NULL. RETURN VALUE
ne_ssl_cert_issuer and ne_ssl_cert_subject are guaranteed to never return NULL. ne_ssl_cert_identity may return NULL if the certificate has no specific "identity". ne_ssl_cert_signedby may return NULL as covered above. EXAMPLES
The following function could be used to display information about a given certificate: void dump_cert(const ne_ssl_certificate *cert) { const char *id = ne_ssl_cert_identity(cert); char *dn; if (id) printf("Certificate was issued for '%s'. ", id); dn = ne_ssl_readable_dname(ne_ssl_cert_subject(cert)); printf("Subject: %s ", dn); free(dn); dn = ne_ssl_readable_dname(ne_ssl_cert_issuer(cert)); printf("Issuer: %s ", dn); free(dn); } SEE ALSO
ne_ssl_cert_cmp, ne_ssl_readable_dname AUTHOR
Joe Orton <neon@lists.manyfish.co.uk> Author. COPYRIGHT
neon 0.29.6 3 May 2011 NE_SSL_CERT_IDENTITY(3)