pkix

I have a web app that requires a client to send it's certificate and the server has to validate the certificate(i.e see if the issuer is a valid issuer and present in the server's truststore). Here is the code : FileInputStream fin=new FileInputStream("C:/trustedca"); KeyStore anchors = KeyStore.getInstance("JKS","SUN"); anchors.load(fin, "server".toCharArray()); X509CertSelector target = new X509CertSelector(); FileInputStream fin1=new FileInputStream("C:/client.crt"); CertificateFactory cf=CertificateFactory.getInstance("X.509"); X509Certificate cert=null; while (fin1.available() > 0) {

This is very similar to other questions but the ones I've looked at either don't have an answer or don't quite ask the same question. I have a self-signed CA certificate, and two other certificates that are signed with that CA certificate. I'm fairly sure the certificates are correct, because 'openssl verify' works: $ openssl verify -CAfile ca.pem server.pem server.pem: OK (The above is from memory, I don't have them in front of me, so it may be slightly off). Now I want to verify the certificates programatically. I have a utility function with pseudocode below: int verify_cert(X509 *cert,

I have a C/C++ application and I need to create a X509 pem certificate containing both a public and private key. The certificate can be self signed, or unsigned, doesn't matter. I want to do this inside an app, not from command line. What OpenSSL functions will do this for me? Any sample code is a bonus! Martin v. Löwis You'll need to familiarize yourself with the terminology and mechanisms first. An X.509 certificate , by definition, does not include a private key. Instead, it is a CA-signed version of the public key (along with any attributes the CA puts into the signature). The PEM format