hi, Jakob! Though it may work, i personally don't think that it's a good idea to implement ocsp code myself! Not only because I'm a lazy guy, but mainly for practical reasons :-)
In google I found that some guy had already made a patch that brings some kind of ocsp client functionality to openssl (http://www.mail-archive.com/openssl-users@openssl.org/msg67721.html). I'll check that one tomorrow!! On Wed, 2012-06-20 at 16:04 +0200, Jakob Bohm wrote: > Look in the openssl source code in the "apps" directory. There you will > find the source code for each of the openssl command line subcommands > (including "openssl ocsp"). Use this as inspiration for how to do the > ocsp directly in your code. > > For most of the openssl command line subcommands, the code in apps is > just a thin wrapper around some of the documented interface calls, with > most of the code in apps dealing with the command line options, loading > certificates from files and other extra stuff you probably will not need > if the stuff is already in memory and you only want to do one or two > things, not all the possible permutations of command line options. > > On 6/20/2012 2:53 PM, JT Rosin wrote: > > Any help on this?? > > > > On Mon, 2012-06-18 at 15:32 +0400, JT Rosin wrote: > >> Hello to everybody!! > >> > >> I'm writing a client/server app with communication over SSL. Every setup > >> can be a server or a client so I think I could benefit from using ocsp > >> for validation purposes! > >> > >> I'm very new to openssl but i found that i can use bundled command-line > >> `ocsp` application for checking certificates. Documentation says that I > >> need to call it with the remote certificate as argument. > >> I think I can get that certificate itself by calling > >> SSL_get_peer_certificate(), though i have completely no idea how to pass > >> the certificate to command-line app? > >> > >> Thanks for your help!! > >> BRs, JT. > >> > Enjoy > > Jakob ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
