Hello,
My secure client application performs post-connection fully-qualified-domain-name authentication. According to RFC 2818,
"If a subjectAltName extension of type dNSName is present, that MUST be used as the identity. Otherwise, the (most specific) Common Name field in the Subject field of the certificate MUST be used."
My code to retrieve the common name from the subject field is:
X509 *cert = [code not shown]char pName[ 256 ];X509_NAME *subj;subj = X509_get_subject_name( cert );X509_NAME_get_text_by_NID( subj, NID_commonName, pName,256);
My question: how do I retrieve the subjectAltName extension of type dNSName?
Thanks,
-David
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
