[erlang-questions] SSL certificate question

Will wglozer@REDACTED
Sat Jul 7 19:47:16 CEST 2007


Hello Gaspar,

On 7/7/07, Gaspar Chilingarov <nm@REDACTED> wrote:
>
> I need to check if given x509 certificate/key file and password
> are valid and fit together well :) I will use them later to make
> connection to remote site and I would like to check certificates before
> making connections -- in separate utility tool.
>
> Are there any way to import/load certificate in erlang application and
> check if it's valid or not ? Reading ssl module  manual provided no
> clues to me.

Check out the ssl_pkix module for decoding PEM and BER encoded
certificates, particularly ssl_pkix:decode_cert_file/2.  The ssl_pem
module can be used for lower-level decoding of RSA private keys into
ASN.1 binaries, which you'll need to decode to get at the RSA
parameters.

Once you get the public key out of the cert, and the private key
parameters, you can do a sign and verify to make sure the keys match.
Unfortunately the crypto application lacks a RSA sign function, but
you can find my patch adding sha1/md5 sign and verify here:
http://article.gmane.org/gmane.comp.lang.erlang.patches/151

Regards,
Will



More information about the erlang-questions mailing list