On Thu, Mar 02, 2006, Mikhail Kruk wrote: > Hello, > I want my application to trust certificates sign by the major CAs out > there. Does anyone know of a way to hook up to the place where Windows > stores its list of CAs? Or maybe just a place where I can download the > keys of the standard CAs (like Verisign, Thawte...). Is there such thing > as standard list or does everyone just come up with a bunch of CAs they > like?
You can export the root CA list in MSIE into a PKCS#7 structure. Then OpenSSL can be used to convert that into a list of trusted CAs it can use. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]