Skip to content

Commit

Permalink
Retrieve OpenSSL peer certificate chain
Browse files Browse the repository at this point in the history
  • Loading branch information
@pepone
pepone committed Apr 26, 2024
1 parent c9ff80c commit f48f3cf
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions cpp/src/IceSSL/OpenSSLTransceiverI.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,6 +210,19 @@ OpenSSL::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal::
rethrow_exception(_verificationException);
}

// Retrieve the certificate chain.
STACK_OF(X509)* chain = SSL_get_peer_cert_chain(_ssl);
if (chain != 0)
{
_certs.clear();
for (int i = 0; i < sk_X509_num(chain); ++i)
{
CertificatePtr cert = OpenSSL::Certificate::create(X509_dup(sk_X509_value(chain, i)));
_certs.push_back(cert);
}
sk_X509_pop_free(chain, X509_free);
}

if (_engine->securityTraceLevel() >= 1)
{
Trace out(_instance->logger(), _instance->traceCategory());
Expand Down

0 comments on commit f48f3cf

Please sign in to comment.