Known Derived Classes:
Poco::Net::X509Certificate
Member Summary
Member Functions: certificate, commonName, dup, equals, expiresOn, extractNames, fingerprint, init, issuedBy, issuerName, load, operator =, print, readPEM, save, serialNumber, signatureAlgorithm, subjectName, swap, validFrom, version, writePEM
Types Aliases
using List = std::vector<X509Certificate>;
Enumerations
Name identifier for extracting information from a certificate subject's or issuer's distinguished name.
NID_COMMON_NAME = 13
NID_COUNTRY = 14
NID_LOCALITY_NAME = 15
NID_STATE_OR_PROVINCE = 16
NID_ORGANIZATION_NAME = 17
NID_ORGANIZATION_UNIT_NAME = 18
NID_PKCS9_EMAIL_ADDRESS = 48
NID_SERIAL_NUMBER = 105
Constructors
explicit X509Certificate(std::istream & istr);
Creates the X509Certificate object by reading a certificate in PEM format from a stream.
explicit X509Certificate(const std::string & path);
Creates the X509Certificate object by reading a certificate in PEM format from a file.
explicit X509Certificate(X509 * pCert);
Creates the X509Certificate from an existing OpenSSL certificate. Ownership is taken of the certificate.
X509Certificate(const X509Certificate & cert);
Creates the certificate by copying another one.
X509Certificate(X509Certificate && cert) noexcept;
Creates the certificate by moving another one.
X509Certificate(X509 * pCert, bool shared);
Creates the X509Certificate from an existing OpenSSL certificate. Ownership is taken of the certificate. If shared is true, the certificate's reference count is incremented.
Destructor
~X509Certificate();
Destroys the X509Certificate.
Member Functions
const X509 * certificate() const;
Returns the underlying OpenSSL certificate.
std::string commonName() const;
Returns the common name stored in the certificate subject's distinguished name.
X509 * dup() const;
Duplicates and returns the underlying OpenSSL certificate. Note that the caller assumes responsibility for the lifecycle of the created certificate.
bool equals(const X509Certificate & otherCertificate) const;
Checks whether the certificate is equal to the other certificate, by comparing the hashes of both certificates.
Returns true if both certificates are identical, otherwise false.
Poco::DateTime expiresOn() const;
Returns the date and time the certificate expires.
void extractNames(std::string & commonName, std::set<std::string> & domainNames) const;
Extracts the common name and the alias domain names from the certificate.
Poco::DigestEngine::Digest fingerprint(const std::string & algorithm = "SHA1") const;
Computes and returns the fingerprint of the certificate, using the given algorithm. The algorithm must be supported by OpenSSL, e.g., "SHA1" or "SHA256".
bool issuedBy(const X509Certificate & issuerCertificate) const;
Checks whether the certificate has been issued by the issuer given by issuerCertificate. This can be used to validate a certificate chain.
Verifies if the certificate has been signed with the issuer's private key, using the public key from the issuer certificate.
Returns true if verification against the issuer certificate was successful, false otherwise.
const std::string & issuerName() const;
Returns the certificate issuer's distinguished name.
std::string issuerName(NID nid) const;
Extracts the information specified by the given NID (name identifier) from the certificate issuer's distinguished name.
X509Certificate & operator = (const X509Certificate & cert);
Assigns a certificate.
X509Certificate & operator = (X509Certificate && cert) noexcept;
Move assignment.
void print(std::ostream & out) const;
Prints the certificate information to ostream.
static List readPEM(const std::string & pemFileName);
Reads and returns a list of certificates from the specified PEM file.
void save(std::ostream & stream) const;
Writes the certificate to the given stream. The certificate is written in PEM format.
void save(const std::string & path) const;
Writes the certificate to the file given by path. The certificate is written in PEM format.
const std::string & serialNumber() const;
Returns the certificate serial number as a string in decimal encoding.
std::string signatureAlgorithm() const;
Returns the certificate signature algorithm long name.
const std::string & subjectName() const;
Returns the certificate subject's distinguished name.
std::string subjectName(NID nid) const;
Extracts the information specified by the given NID (name identifier) from the certificate subject's distinguished name.
void swap(X509Certificate & cert) noexcept;
Exchanges the certificate with another one.
Poco::DateTime validFrom() const;
Returns the date and time the certificate is valid from.
long version() const;
Returns the version of the certificate.
static void writePEM(const std::string & pemFileName, const List & list);
Writes the list of certificates to the specified PEM file.
void init();
Extracts issuer and subject name from the certificate.
void load(std::istream & stream);
Loads the certificate from the given stream. The certificate must be in PEM format.
void load(const std::string & path);
Loads the certificate from the given file. The certificate must be in PEM format.