How to validate an SSL certificate for a period using OpenSSL functions?

T

Tesla4o2020-01-16 16:02:08

OpenSSL

Tesla4o, 2020-01-16 16:02:08

I receive certificates through Let's Encrypt. But it saves them in /etc/letsencrypt/live/example.com/.
But I need these certificates to be in the directory with the program and with other names. I made code programmatically in C ++ that copies and renames ssl files. But I can't check the validity period of the certificate. That is, for example, if the certificate is already 60 days old, then you need to copy it again from the directory in which they were created to the folder with the program.
I tried that, but it's not what I understand

SSL_CTX *ctx = nullptr;
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
SSL_library_init();
ctx = SSL_CTX_new(SSLv23_method());

if ( SSL_CTX_use_certificate_file(ctx, "storage/ssl/mycert.plus.pem", SSL_FILETYPE_PEM ) != 1 ) {
      std::cout << "ne norm" << std::endl;
      //cp_cert();
} else {
      std::cout << "norm" << std::endl;
      //sleep(3600);
}

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Saboteur, 2020-01-17
@Tesla4o

The very first examples in Google give C++ code on how to extract information from a certificate
https://gist.github.com/cseelye/adcd900768ff61f697...
https://stackoverflow.com/questions/11683021/opens
... , compare with the current one, get the expiration date

V

Vadim Priluzkiy, 2020-01-16
@Oxyd

Isn't it easier with symlinks? Why copy something somewhere?

W

Wexter, 2020-01-16
@Wexter

If you have read access to the certificates - why copy it somewhere?