gnutls_x509_crq_get_dn_by_oid — API function


#include <gnutls/x509.h>

int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq, const char * oid, unsigned indx, unsigned int raw_flag, void * buf, size_t * buf_size);


gnutls_x509_crq_t crq

should contain a gnutls_x509_crq_t type

const char * oid

holds an Object Identifier in a null terminated string

unsigned indx

In case multiple same OIDs exist in the RDN, this specifies which to get. Use (0) to get the first one.

unsigned int raw_flag

If non-zero returns the raw DER data of the DN part.

void * buf

a pointer to a structure to hold the name (may be NULL)

size_t * buf_size

initially holds the size of  buf


This function will extract the part of the name of the Certificate request subject, specified by the given OID. The output will be encoded as described in RFC2253. The output string will be ASCII or UTF-8 encoded, depending on the certificate data.

Some helper macros with popular OIDs can be found in gnutls/x509.h If raw flag is (0), this function will only return known OIDs as text. Other OIDs will be DER encoded, as described in RFC2253 -- in hex format with a 'using gnutls_x509_dn_oid_known().


GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and in that case the * buf_size will be updated with the required size.  On success 0 is returned.

Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.9 gnutls