I have a situation where I'd like my client to validate
against my server, but I don't expect the default CA
.pem files for openSSL to be there.
Is there a way to take
SSL_CTX *mySSL_CTX = existing_ssl_ctx;
char *foo = "....valid pem string....";
BIO *bio = BIO_new_mem_buf(foo, -1);
X509 *cert = PEM_read_bio_X509(bio, &cert, 0, NULL);
and stick it into the the SSL_CTX the way all the sample
code does with things like
X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
only with the BIO?
Or is there a hint at where I should look for a better guess about
mapping an X509* somewhere into the CA list for an SSL_CTX*
Dan Schmitt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
