gnutls_x509_crt_get_issuer_dn_by_oid man page

gnutls_x509_crt_get_issuer_dn_by_oid — API function


#include <gnutls/x509.h>

int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert, const char * oid, unsigned indx, unsigned int raw_flag, void * buf, size_t * buf_size);


gnutls_x509_crt_t cert

should contain a gnutls_x509_crt_t type

const char * oid

holds an Object Identified in null terminated string

unsigned indx

In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.

unsigned int raw_flag

If non-zero returns the raw DER data of the DN part.

void * buf

a pointer to a structure to hold the name (may be null)

size_t * buf_size

initially holds the size of  buf


This function will extract the part of the name of the Certificate issuer specified by the given OID. The output, if the raw flag is not used, will be encoded as described in RFC4514. Thus a string that is ASCII or UTF-8 encoded, depending on the certificate data.

Some helper macros with popular OIDs can be found in gnutls/x509.h If raw flag is (0), this function will only return known OIDs as text. Other OIDs will be DER encoded, as described in RFC4514 -- in hex format with a '#' prefix.  You can check about known OIDs using gnutls_x509_dn_oid_known().

If  buf is null then only the size will be filled. If the  raw_flag is not specified the output is always null terminated, although the
buf_size will not include the null character.


GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and in that case the  buf_size will be updated with the required size. GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if there  are no data in the current index. On success 0 is returned.

Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.5.9 gnutls