I want to read a server certificate in DER format and store it in our DB, I found a api to print certificate using X509 structure, but i don't see any API to get it as string. can anyone please point out the API or any example to read certificate?
Asked
Active
Viewed 1,900 times
0
-
1Are you saying `d2i_X509` *doesn't* do what you want ? Or are you just trying to read it from DER and xlat to text (which it seems you already have). Finally, what's wrong with just storing it in your DB in DER format as a blob ? – WhozCraig Aug 02 '16 at 08:54
-
@WhozCraig, I have tried using i2d_X509() to convert and print certificate to DER, it is printing junk characters. i2d_X509(cert, &der); printf("%s\n", der); OPENSSL_free(der); – user1290 Aug 02 '16 at 10:53
-
The ***`i`*** in `i2d` is internal; and the ***`d`*** in `i2d` is ASN.1/DER. ASN.1/DER is binary; it is not printable ascii. Its not printing junk; rather its providing you with the ASN.1/DER you asked for. You *cannot* print it with `printf("%s\n", der)` because its *not* a string. You *read* an ASN.1/DER encoded certificate with `d2i_X509`. Finally, if you provide code with your question and problem, then we could probably help you better. – jww Aug 02 '16 at 11:16
1 Answers
0
As far as I know, you have two choices for storing the certificate. The first way, make your DB column type to BLOB, and then store the binary certificate data.
The second way, make your DB column type to TEXT, encode your certificate data with Base64, and then store the encoded string. When you need to use the certificate, Base64 decode it back to ASN.1/DER.
jww
- 97,681
- 90
- 411
- 885
Neal.Marlin
- 494
- 5
- 17