1NE_SSL_CERT_IDENTI(3)         neon API reference         NE_SSL_CERT_IDENTI(3)
2
3
4

NAME

6       ne_ssl_cert_identity,     ne_ssl_cert_signedby,     ne_ssl_cert_issuer,
7       ne_ssl_cert_subject - functions to access certificate properties
8

SYNOPSIS

10       #include <ne_ssl.h>
11
12
13       const char *ne_ssl_cert_identity (const ne_ssl_certificate *cert);
14
15       const ne_ssl_certificate *ne_ssl_cert_signedby (const ne_ssl_certificate *cert);
16
17       const ne_ssl_dname *ne_ssl_cert_subject (const ne_ssl_certificate *cert);
18
19       const ne_ssl_dname *ne_ssl_cert_issuer (const ne_ssl_certificate *cert);
20
21

DESCRIPTION

23       The  function ne_ssl_cert_identity retrieves the ``identity'' of a cer‐
24       tificate; for an SSL server certificate, this will be the hostname  for
25       which  the certificate was issued. In PKI parlance, the identity is the
26       common name attribute of the distinguished name of the certificate sub‐
27       ject.
28
29
30       The functions ne_ssl_cert_subject and ne_ssl_cert_issuer can be used to
31       access the objects representing the distinguished name of  the  subject
32       and of the issuer of a certificate, respectively.
33
34
35       If   a  certificate  object  is  part  of  a  certificate  chain,  then
36       ne_ssl_cert_signedby can be used to find the certificate which signed a
37       particular  certificate. For a self-signed certificate or a certificate
38       for which the full chain is not available, this  function  will  return
39       NULL.
40
41

RETURN VALUE

43       ne_ssl_cert_issuer  and ne_ssl_cert_subject are guaranteed to never re‐
44       turn NULL. ne_ssl_cert_identity may return NULL if the certificate  has
45       no  specific ``identity''. ne_ssl_cert_signedby may return NULL as cov‐
46       ered above.
47
48

EXAMPLES

50       The following function could be used to  display  information  about  a
51       given certificate:
52
53       void dump_cert(const ne_ssl_certificate *cert) {
54         const char *id = ne_ssl_cert_identity(cert);
55         char *dn;
56
57         if (id)
58           printf("Certificate was issued for '%s'.\n", id);
59
60         dn = ne_ssl_readable_dname(ne_ssl_cert_subject(cert));
61         printf("Subject: %s\n", dn);
62         free(dn);
63
64         dn = ne_ssl_readable_dname(ne_ssl_cert_issuer(cert));
65         printf("Issuer: %s\n", dn);
66         free(dn);
67       }
68
69

SEE ALSO

71       ne_ssl_cert_cmp(3), ne_ssl_readable_dname(3)
72
73

AUTHOR

75       Joe Orton <neon@webdav.org>.
76
77
78
79neon 0.25.5                     20 January 2006          NE_SSL_CERT_IDENTI(3)