[EMAIL PROTECTED] wrote:

> Hi,
>
> I'm using openssl, (I think the slimmed down engine version), and

openssl 0.9.6 ? since there's no separate engine version for openssl >= 0.9.7

> attempting to support a program written by someone else. The server that I'm talking to recently moved to a new ISP and the program stopped working. It should be as simple as getting the server's new certificate and it should work. The problem is that I can't find ANY place where this program is using a keystore, (*.pem), so I can't add the new cert. All of the typical directories, (e.g. /certs), are empty, (and I mean all of them). In both production and the test environment, there are no certificate files off of any of the usual directories and the program itself doesn't open or use any keystore files in any of the SSL library calls. Normally, you'd just find the keystore and add the new certificate and all would be well. My question is this; since I don't see any place that this program is using a private key or a certificate store, how is it working? Where does it get a list of CA's etc.? Does openSSL provide an internal keystore in the libraries? It has to be getting this information from somewhere to complete the handshake process. Thanks in advance.

Perhaps the keys/certs are hardcoded ... If you have the source code
available the parameters of functions like SSL_CTX_set_cert_store()
might tell you which certs are used.

Cheers,
Nils

PS: Please don't send mails to openssl-dev _and_ openssl-users. One
    list should be sufficient (in this case openssl-users).
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
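
Added example, not part of the original thread: when the source code is not at hand, one way to test the "hardcoded" theory from the reply is to scan the program binary for PEM blocks compiled into it. It assumes the certificate or key is stored as PEM text (a cert held as raw DER bytes or obfuscated would not match); the function names and the sample blob are constructed for illustration.

```python
import base64
import hashlib
import re

# PEM armor as it would sit in a binary's data section or a C string literal.
PEM_RE = re.compile(
    rb"-----BEGIN (CERTIFICATE|(?:RSA |EC )?PRIVATE KEY)-----(.+?)-----END \1-----",
    re.DOTALL,
)

def is_single_der_sequence(der):
    """True if der is exactly one ASN.1 SEQUENCE whose encoded length fits."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                      # short-form length
        return len(der) == 2 + der[1]
    n = der[1] & 0x7F                      # long form: n length octets follow
    if n == 0 or n > 4 or len(der) < 2 + n:
        return False
    return len(der) == 2 + n + int.from_bytes(der[2:2 + n], "big")

def find_embedded_pem(blob):
    """Return offset, type, DER sanity flag and SHA-256 for each PEM block."""
    hits = []
    for m in PEM_RE.finditer(blob):
        # Drop newlines, NULs and other bytes outside the base64 alphabet.
        body = re.sub(rb"[^A-Za-z0-9+/=]", b"", m.group(2))
        try:
            der = base64.b64decode(body, validate=True)
        except ValueError:                 # binascii.Error subclasses ValueError
            continue
        hits.append({
            "offset": m.start(),
            "type": m.group(1).decode(),
            "der_ok": is_single_der_sequence(der),
            "sha256": hashlib.sha256(der).hexdigest(),
        })
    return hits

# Constructed sample: a fake "binary" holding a DER-shaped placeholder (not a
# real certificate) and a block that is valid base64 but not DER.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(256)
SAMPLE_BLOB = (
    b"\x7fELF" + bytes(64)
    + b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
    + b"-----END CERTIFICATE-----\n\x00"
    + b"-----BEGIN CERTIFICATE-----\naGVsbG8gd29ybGQ=\n-----END CERTIFICATE-----\n"
)

if __name__ == "__main__":
    for hit in find_embedded_pem(SAMPLE_BLOB):
        print(hit)
```

On a real program, pass the bytes of the executable to `find_embedded_pem()`; the SHA-256 of a hit with `der_ok` set can be compared against the fingerprint of the old server certificate to confirm which one is compiled in.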
