[Net-ssleay-devel] a question to you SSLeay module

sampo at zxidp.org sampo at zxidp.org
Thu Dec 2 18:17:58 UTC 2010


Proper forum for Net::SSLeay support is net-ssleay-devel at lists.alioth.debian.org (Cc'd).



"Tobias Hofmann" <TobiasHofmann1 at gmx.de> said:

> Hello Sampo,

> 

> im working with your Net:SSLeay module and i'm stuck now. maybe you can help me. i guess its realy simple, but i cant figure out, how to do that.

> so here is the prob:

> 

> i have to connect to an https server, and store the certificate from the server locally on the harddisk in a x509 PEM format.

> 

> i try your functions as explained in the documentation:

> 

> ---

> The variants 3 and 4 also allow you to discover the server certificate in case you would like to store or display it, e.g.

> 

>   ($p, $resp, $hdrs, $server_cert) = get_https3('www.bacus.pt', 443, '/');

>   if (!defined($server_cert) || ($server_cert == 0)) {

>       warn "Subject Name: undefined, Issuer  Name: undefined";

>   } else {

>       warn 'Subject Name: '

>           . Net::SSLeay::X509_NAME_oneline(

>                  Net::SSLeay::X509_get_subject_name($server_cert))

>               . 'Issuer  Name: '

>                   . Net::SSLeay::X509_NAME_oneline(

>                          Net::SSLeay::X509_get_issuer_name($server_cert));

>   }

> ---

> 

> so i have the $server_cert and can show a few informations. but the variable itself is only a number? so how can i store the certificate locally? i would be very happy about an answer!

> 



The variable is a C level pointer to X509 data structure. You need to pass it to a function

that understands such pointer, such as Net::SSLeay::X509_get_issuer_name($server_cert).



The certificate is obtained from the SSL handshake and is a bunch of ASN.1 encoded stuff. Nothing

that could be directly visualized as a string.



If you wanted to render the variable into, say, PEM formatted certificate, you

need to call appropriate OpenSSL API functions, such as Net::SSLeay::PEM_write_bio_X509().

See also OpenSSL documentation for those functions.



Cheers,

--Sampo



> thanks in advance

> tobi

> -- 

> Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!  

> Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail

> 



More information about the Net-ssleay-devel mailing list