Hi all
I am trying to upload privatekey from buffer in mem
I secseeded doing it with CAcert
now I am trying to upload client-cert and privatekey for mutual authentication
but I keep getting errors (connection failed - like it wont read and use it in
the right way)
I know my key and cert are ok cause when I do it by files it turns out good.
can you please advise .
the code I tried is : (for privatekey)
EVP_PKEY *pkey = NULL;
BIO * bio_client_Pkey;
char myPkey_client[] =
"-----BEGIN RSA PRIVATE KEY-----\n"\
"MIICXQIBAAKBgQDKst2ziMGFmAhVWSTTldHLHd9YZxLgFzA5t9PnW80R4p3ZwmqU\n"\
"etEXJut4d8VXpyOO6h98gYHvW0AQzfnW7ZDRA8dbQjgu4yJ23P37xrRBfVfwh9Ir\n"\
"keh0sX4xPRrQZf72h6+geTz4coes44+VZikq/jcQN50NHFU6UCTKfctFlwIDAQAB\n"\
"AoGAS+C7N1rpPq5T6EcvjvkViNiM5BXprfNgPSsAayolUR2pA3xQ03ZKUUVjfjwv\n"\
"polNuVERKlV8o3JgQCoq7XcO71QAH0Wp1/KIqq6X3LTb5e7yiWey46Sg2fn0egDf\n"\
"74LB/Dl9h/l36QrU3V0CMu1R/r5DBIXM9/EzKnqBInxRiRECQQD7WBqm1NvIO9ER\n"\
"mwM06eSPcCV4KDznjLIeaHe1FTt5Uh7pQ2R3Z29pKHs0hj7pgG8OLpNMnKxGg9Pt\n"\
"ehw8EbLZAkEAznQUtaFv9tIuuAYuNTn0zQJ4vNQLSHaXpbTbllbS8/FxDzdocGde\n"\
"VEOnfs+SHfveVsHN1Q/oeiAKd7Ui93WV7wJBAJhc4Esh3dmT6Tjy7w60eok5Qn2E\n"\
"Zuc2swMb8PUk2djBn1toLw7y9OaaU5WTi6+g27GNKl3W29gjMeVTkKoZUIECQCZF\n"\
"hJVLEQtrWTfKBYTecpASljlDAbh0K5aPWWmcPMz2BCRy/AxiTS1HwWQTrJ2cVFI2\n"\
"6SZHJayGBgq87Hd9N8cCQQCIP9uJH1M2X/iG5KLEkbp3ruJyzMmCp2zIYyNK20EJ\n"\
"UVLgPI7OVsUiNnxWEcbfzBqkiFMXIXrwfwbPAfzJZCex\n"\
"-----END RSA PRIVATE KEY-----\n";
if( (bio_client_Pkey=BIO_new_mem_buf((void *)myPkey_client,
sizeof(myPkey_client))) == NULL)
return -1 ;
if( (pkey=PEM_read_bio_PrivateKey(bio_client_Pkey, NULL, NULL, NULL)) ==
NULL)
return -1 ;
BIO_free(bio);
SSL_CTX_use_PrivateKey((SSL_CTX *)sslctx,pkey);
//--------------------------------------------------------------------
//and for the clientcertificate
//client certificate - uploading from memory and store in DB
X509_STORE * store_client;
X509 * cert_client =NULL;
X509_free(cert_client);
BIO * bio_client;
char * mypem_client =
"-----BEGIN CERTIFICATE-----\n"\
"MIICxzCCAjCgAwIBAgIBBDANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQGEwJVUzEL\n"\
"MAkGA1UECBMCTlkxDzANBgNVBAoTBllvZ2dpZTEkMCIGA1UECxMbWW9nZ2llIFNl\n"\
"Y3VyaXR5IFN5c3RlbXMgTFREMRgwFgYDVQQDEw9rY3MuZGVmYXVsdC5jb20wHhcN\n"\
"MDkwMTEyMTg0NzMxWhcNMTkwMTEwMTg0NzMxWjBrMQswCQYDVQQGEwJVUzELMAkG\n"\
"A1UECBMCTlkxDzANBgNVBAoTBllvZ2dpZTEkMCIGA1UECxMbWW9nZ2llIFNlY3Vy\n"\
"aXR5IFN5c3RlbXMgTFREMRgwFgYDVQQDEw9rY3MuZGVmYXVsdC5jb20wgZ8wDQYJ\n"\
"KoZIhvcNAQEBBQADgY0AMIGJAoGBAORMsv2T7s5GFwIKSn2iBBS7kl20rODz6/fW\n"\
"0gbjS5AOPzcv/C6exWL5PF2xEbhLstW3+zANR1xw82bi2BpWuSiLmJBnmMLpKVBo\n"\
"/VpjVbmUnchXXCMvPlqX8XGygyIR+zRi0Wc01/DI3VnHWW7jo0LM6VnhYex+MgCb\n"\
"+vIPfxiFAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T\n"\
"U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBR5FMMf2xpxYqtX7psu\n"\
"O3JbTSc6uDAfBgNVHSMEGDAWgBQUaM0TkY8jQjSh8NG/SkRBKUTXHzANBgkqhkiG\n"\
"9w0BAQUFAAOBgQA+y878KUAMETO4e6eSjEYmYGOQkX+TKinNK8AfSDuY8TtdrVLJ\n"\
"xKodnp83qF0oE0jQaz66PYtN9qsctjp23NCQoXkPplyGAAIUjFLEAg+fhrlbizpu\n"\
"wThLptBpqqbMdTyB9PWvWCAyLoZYOc+Q2ulutr8Yu+mg7q8Oealte6RFxA==\n"\
"-----END CERTIFICATE-----\n";
bio_client=BIO_new_mem_buf(mypem_client, -1);
PEM_read_bio_X509(bio_client, &cert_client, 0, NULL);
if (cert_client == NULL)
return -1 ;
if (SSL_CTX_use_certificate((SSL_CTX *)sslctx,cert_client) !=1 )
return -1 ;
//---------------------------------------------------------------------------------
apriciate your advise
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
