>I prefer more generic method similar to ENGINE_load_ssl_client_cert, i.e. I need EVP keys, > corresponding certificates and the certificate chain.
Additional methods has "server" in it's names for the same reason why "ENGINE_load_ssl_client_cert" has "client" in it. ENGINE_load_server_certificate() intended to work in pair with ENGINE_load_private_key() to allow engine to load certificate correspondent to it's private key. And present obtained certificate to client during SSL handshake. That it. You can always get required EVP_PKEY keys from loaded X509 structure. But I can't get why you may need certificate chain for your certificate if you are server. Andrey
>I prefer more generic method similar to ENGINE_load_ssl_client_cert, i.e. I need EVP keys,
> corresponding certificates and the certificate chain.
> corresponding certificates and the certificate chain.
Additional methods has "server" in it's names for the same reason why "ENGINE_load_ssl_client_cert" has "client" in it.
ENGINE_load_server_certificate() intended to work in pair with ENGINE_load_private_key() to allow engine to load certificate correspondent to it's private key.
And present obtained certificate to client during SSL handshake. That it.
You can always get required EVP_PKEY keys from loaded X509 structure.
But I can't get why you may need certificate chain for your certificate if you are server.
