[Net-ssleay-devel] a question to you SSLeay module
sampo at zxidp.org
sampo at zxidp.org
Thu Dec 2 18:17:58 UTC 2010
Proper forum for Net::SSLeay support is net-ssleay-devel at lists.alioth.debian.org (Cc'd).
"Tobias Hofmann" <TobiasHofmann1 at gmx.de> said:
> Hello Sampo,
>
> im working with your Net:SSLeay module and i'm stuck now. maybe you can help me. i guess its realy simple, but i cant figure out, how to do that.
> so here is the prob:
>
> i have to connect to an https server, and store the certificate from the server locally on the harddisk in a x509 PEM format.
>
> i try your functions as explained in the documentation:
>
> ---
> The variants 3 and 4 also allow you to discover the server certificate in case you would like to store or display it, e.g.
>
> ($p, $resp, $hdrs, $server_cert) = get_https3('www.bacus.pt', 443, '/');
> if (!defined($server_cert) || ($server_cert == 0)) {
> warn "Subject Name: undefined, Issuer Name: undefined";
> } else {
> warn 'Subject Name: '
> . Net::SSLeay::X509_NAME_oneline(
> Net::SSLeay::X509_get_subject_name($server_cert))
> . 'Issuer Name: '
> . Net::SSLeay::X509_NAME_oneline(
> Net::SSLeay::X509_get_issuer_name($server_cert));
> }
> ---
>
> so i have the $server_cert and can show a few informations. but the variable itself is only a number? so how can i store the certificate locally? i would be very happy about an answer!
>
The variable is a C level pointer to X509 data structure. You need to pass it to a function
that understands such pointer, such as Net::SSLeay::X509_get_issuer_name($server_cert).
The certificate is obtained from the SSL handshake and is a bunch of ASN.1 encoded stuff. Nothing
that could be directly visualized as a string.
If you wanted to render the variable into, say, PEM formatted certificate, you
need to call appropriate OpenSSL API functions, such as Net::SSLeay::PEM_write_bio_X509().
See also OpenSSL documentation for those functions.
Cheers,
--Sampo
> thanks in advance
> tobi
> --
> Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!
> Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail
>
More information about the Net-ssleay-devel
mailing list