Performs the certificate verification using the parameters set to stctx.
See also the man page X509_verify_cert(3).
Returns the error code of stctx. This is typically called after verify
is done, or from the verification callback set to OpenSSL::X509::Store#verify_callback=
.
See also the man page X509_STORE_CTX_get_error(3).
Sets the error code of stctx. This is used by the verification callback set to OpenSSL::X509::Store#verify_callback=
.
See also the man page X509_STORE_CTX_set_error(3).
Read the chained certificates from the given input. Supports both PEM and DER encoded certificates.
PEM is a text format and supports more than one certificate.
DER is a binary format and only supports one certificate.
If the file is empty, or contains only unrelated data, an OpenSSL::X509::CertificateError
exception will be raised.
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey
.
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’
This adds a new ObjectId
to the internal tables. Where object_id is the numerical form, short_name is the short name, and long_name is the long name.
Returns true
if successful. Raises an OpenSSL::ASN1::ASN1Error
if it fails.
key - the public key to be used for verifying the SPKI
signature
Returns true
if the signature is valid, false
otherwise. To verify an SPKI
, the public key contained within the SPKI
should be used.
Returns the challenge string associated with this SPKI
.
str - the challenge string to be set for this instance
Sets the challenge to be associated with the SPKI
. May be used by the server, e.g. to prevent replay.