Crypt::OpenSSL::VerifyX509 - simple certificate verification
use Crypt::OpenSSL::VerifyX509;
use Crypt::OpenSSL::X509;
my $ca = Crypt::OpenSSL::VerifyX509->new('t/cacert.pem');
my $cert = Crypt::OpenSSL::X509->new(...);
$ca->verify($cert);
Given a CA certificate and another untrusted certificate, will show whether the CA signs the certificate. This is a useful thing to have if you're signing with X509 certificates, but outside of SSL.
A specific example is where you're working with XML signatures, and need to verify that the signing certificate is valid.
You could use Crypt::OpenSSL::CA to do this, but it is based on Inline::C, which can be troublesome in some situations. This module provides an XS alternative for the certificate verify feature.
Constructor. Returns a VerifyX509 instance, set up with the given CA.
Arguments:
* $ca_path - path to a file containing the CA certificate
Verify the certificate is signed by the CA. Returns true if so, and croaks with the verification error if not.
Arguments:
* $cert - a Crypt::OpenSSL::X509 object for the certificate to verify.
Chris Andrews [email protected]
Timothy Legge [email protected]
The following copyright notice applies to all the files provided in this distribution, including binary files, unless explicitly noted otherwise.
Copyright 2010 Venda Ltd.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.