Aravinda Babu wrote: > Problem is our application will verify only DER format certificates.
> So if i get the peer certificate in PEM format , i will convert > that into DER and i will verify the peer certificate. > Is there any openSSL API which will tell me a'out the peer > certificate encoding ? > I want to know whether it is in PEM or DER ? Is the certificate in a memory buffer or a file? Either way, you can just look at the data. If it's PEM, the whole file will be printable text. The first few characters will be perhaps some number of newlines or empty spaces, but the first non-whitespace should be a '-'. If it's DER, there will be many non-printable characters. However, it's probably just easiest to try it both ways. If either of them works, you have a valid certificate. Just remember to clear the error stack after an "expected and normal" error. Otherwise, it might confuse you later when you see an "invalid certificate" type error because much earlier it worked on the second attempt. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
