Ｃ语言实现OpenSSL编程获取X509证书的DNS

证书中的DNS指的是X509v3扩展里面的X509v3 Subject Alternative Name；

可以使用命令查看

openssl x509 -text -noout -in 1.crt

输出如下：

X509v3 extensions:

X509v3 Subject Alternative Name: 
    DNS: test.com

代码如下：

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <openssl/bio.h>
#include <openssl/x509v3.h>

int main(int argc, char **argv)
{
    BIO *bio = NULL;

    bio = BIO_new_file(argv[1], "r");
    assert(bio);

    X509 *x = NULL;
    x = PEM_read_bio_X509(bio, NULL, NULL, NULL);
    assert(x);

    GENERAL_NAMES* subjectAltNames = (GENERAL_NAMES*)X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);

    int cnt = sk_GENERAL_NAME_num(subjectAltNames);
    int i;

    for (i = 0; i < cnt; i++) {
        GENERAL_NAME* generalName = sk_GENERAL_NAME_value(subjectAltNames, i);

        printf("%s\n", ASN1_STRING_data(GENERAL_NAME_get0_value(generalName, NULL)));

    }
}

gcc -lssl a.c
./a.out 1.crt

Referenced from:https://blog.csdn.net/propro1314/article/details/72571807?locationNum=6&fps=1

本文链接地址：https://const.net.cn/175.html