Hi Eric Murray, (are you the buddy also known as the "Marlboro Man"?)
regarding your question, you should know in first place: openssl.cnf and the environment value OPENSSL_CONF are _not_ used by the OpenSSL library by default. With one exception: you compiled your own OpenSSL lib with -D OPENSSL_LOAD_CONF I tried this some weeks before and ran into next problem, then I lost the fun to try out more ... with best regards, Modem Man (aka "Sarge") > How do you point to a dir (hashed by c_rehash) > of trusted CA files (for clients verifying > server certs) in openssl.cnf? Is it the 'certs' directive? > > The comment for certs in the example openssl.cnf says > "# Where the issued certs are kept" > and it is in the default_ca stanza which doesn't seem like it would > affect clients. > > Is there a way to specify multiple dirs? > > I know I can use SSL_CTX_load_verify_locations() to set the location > but I want to do it using the conf file so programmers calling > openssl don't have to know to call SSL_CTX_load_verify_locations() > to get my dir(s) of trusted CA certs. > > Thanks! > > Eric > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
