Hi Guys
I have a question about Mutual authentication.
After big help from your side (Thanks Shahin and Patrick) I secseeded to upload
the server certificate from memory
and it works great verifying the server certificate
in the second fase
I configure my server to verify client certificate.
I am trying now to do the same for my certificate (Client). (upload from
memory)
My Q is :
should I do the same with the client certificate ?
Is there a open-ssl function/struct that get the client certificate ?
Thank you very much for your help.
Itay
(I added the code I used - adding my server certificate from memory) - I am
using CURL-lib here
*****************************************************************************
int ssl_ctx(CURL *curl void * sslctx, void * parm)
{
X509_STORE * store;
X509 * cert=NULL;
BIO * bio;
char * mypem = buf;
// get a BIO
bio=BIO_new_mem_buf(mypem, -1);
// use it to read the PEM formatted certificate from memory into an X509
//structure that SSL can use
PEM_read_bio_X509(bio, &cert, 0, NULL);
if (cert == NULL)
return false ;
// get a pointer to the X509 certificate store (which may be empty!) //
store=SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
// add our certificate to this store
if (X509_STORE_add_cert(store, cert)==0)
return false ;
// all set to go
return true ;
}
*******************************************************************************
Thanks
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
