Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Do the openssl X509_verify_cert() API verifies the RSA signature in the certificate ?
To my understanding , that API checks only certificate validity (like date check and all).
Somebody please clarify ?
X509_verify_cert()essentially checks a certificate’s validity. That includes verifying that signatures that have signed the cert belonging to CAs are valid and are in date – it’ll process the entire chain like that.It does not, however, verify that a given RSA signature is valid – although it validates RSA signatures as part of its work, it isn’t what you should use to do that.
It is, broadly speaking, like the functionality that runs when you get a certificate error browsing an SSL site.