how to retrieve SSL certificate informations?
Roger Lipscombe
roger@REDACTED
Mon Mar 9 20:18:55 CET 2020
erlc knows how to compile .asn1 files:
https://erlang.org/doc/man/erlc.html#supported-compilers;
OTPCertificate is defined in lib/public_key/asn1/OTP-PKIX.asn1.
On Mon, 9 Mar 2020 at 17:36, Benoit Chesneau <bchesneau@REDACTED> wrote:
>
> err I meant the OTPCertificate record. it seems to be defined during compilation.
>
> On Mon 9 Mar 2020 at 17:53 Marc Worrell <marc@REDACTED> wrote:
>>
>> We create the certs using two methods:
>>
>> - self signed certificates (snake oil)
>> - Let’s Encrypt certificates
>>
>> And of course we also use certificates we buy from various sources.
>>
>> I can add the self-signed cert creation to the library.
>>
>> - Marc
>>
>>
>> On 9 Mar 2020, at 17:35, Benoit Chesneau <bchesneau@REDACTED> wrote:
>>
>> Thanks with that an the snippet from Leonard and Marc I have all what I need I thin;k. I will try later today to mix that. One thing I am not sure to understand is how this certificate is created and how you did find the information about it. Is there any place I should read for it?
>>
>>
>> Benoit
>>
>> On Mon, Mar 9, 2020 at 9:23 AM Roger Lipscombe <roger@REDACTED> wrote:
>>>
>>> This is probably not complete (because we generate our own
>>> certificates), but here's what we use:
>>>
>>> -include_lib("public_key/include/public_key.hrl").
>>>
>>> get_certificate_subject_cn(#'OTPCertificate'{tbsCertificate = OTPTBS}) ->
>>> get_certificate_subject_cn(OTPTBS);
>>> get_certificate_subject_cn(#'OTPTBSCertificate'{subject = Subject}) ->
>>> get_cn(Subject).
>>>
>>> get_cn({rdnSequence, Seq}) ->
>>> get_cn(Seq);
>>> get_cn([]) ->
>>> undefined;
>>> get_cn([[#'AttributeTypeAndValue'{type = ?'id-at-commonName',
>>> value = {utf8String, Value}}] | _]) ->
>>> Value;
>>> get_cn([_|Rest]) ->
>>> get_cn(Rest).
>>>
>>> get_serial_number(#'OTPCertificate'{tbsCertificate = OTPTBS}) ->
>>> get_serial_number(OTPTBS);
>>> get_serial_number(#'OTPTBSCertificate'{serialNumber = SerialNumber}) ->
>>> SerialNumber.
>>>
>>> On Sun, 8 Mar 2020 at 23:34, Benoit Chesneau <bchesneau@REDACTED> wrote:
>>> >
>>> > How can I get informations about an SSL certificate ? Specifically I am looking for a way to retrieve the issuer, subject, and the serial number of the certificate.
>>> >
>>> > The record I get from decoding using public_key functions is hard to parse so any help is welcome. Maybe there is already an api/app somewhere for it?
>>> >
>>> > Benoît
>>> >
>>> >
>>
>>
> --
> Sent from my Mobile
More information about the erlang-questions
mailing list