david kine wrote:
I am writing an SSL client which utilizes a PKCS12 keystore.I am able to create the keystore using OpenSSL utilities, read the .p12 file using d2i_PKCS12_fp(), and parse it using PKCS12_parse(). The X509 and STACK_OF( X509 ) return parameters are all correct. The next thing I need to do is set the trusted root certificate authorities into a SSL_CTX. Normally, this is done with SSL_CTX_load_verify_locations(), which reads a PEM file. However, I already have the X509 certificates in memory, but I cannot find a function to load them into the SSL_CTX. How does one load verify locations into a SSL_CTX from in-memory X509 certificates?
You can get the X509_STORE from the SSL_CTX. There you do an X509_STORE_add_cert() Bye Goetz -- DMCA: The greed of the few outweighs the freedom of the many
smime.p7s
Description: S/MIME Cryptographic Signature
