Hi all,

I want to load a cert chain from memory (i.e. from a std::string variable whose content, the cert chain, is loaded from the MySQL DB).

The content of the cert chain is like a CAfile.

Because I am loading from memory, I cannot call the “SSL_CTX_load_verify_locations” API.

So I call “SSL_CTX_add_extra_chain_cert” instead of “SSL_CTX_load_verify_locations”, but “SSL_CTX_add_extra_chain_cert” only loads the first cert in the chain, not all of them.

And I can’t get the number of certs in a chain. The content of the chain is uploaded from a webpage.

The following is the demo code:

                if( !chain.empty() ){
                        mpBIO = BIO_new_mem_buf((void*) chain.c_str(), chain.size());
                        // PEM_read_bio_X509 reads a single certificate per call
                        mpCertChain = PEM_read_bio_X509( mpBIO, NULL, NULL, NULL );
                        if( !SSL_CTX_add_extra_chain_cert( mpSSLCtx, mpCertChain ) ){
                                const char * errMsg = ERR_error_string(ERR_get_error(),NULL);
                                throw std::logic_error(errMsg);
                        }
                }

Is there any workaround for this question?

Thanks a lot!

Best wishes!

Miles.zhaof

2012-12-21
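
Added example, not part of the original post and not OpenSSL code: since the bundle arrives from a web upload and its certificate count is unknown, this splits the in-memory PEM text into its individual CERTIFICATE blocks and caps how many are accepted. The helper name `split_pem_certificates`, the default cap of 32 and the sample bundle are assumptions made for illustration.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical helper (not an OpenSSL API): split a PEM bundle held in memory
// into its individual CERTIFICATE blocks. Text outside the BEGIN/END markers
// (comments, blank lines) is ignored, as it would be in a CAfile.
// max_certs bounds the work done on untrusted, user-uploaded input.
std::vector<std::string> split_pem_certificates(const std::string& bundle,
                                                std::size_t max_certs = 32) {
    static const std::string kBegin = "-----BEGIN CERTIFICATE-----";
    static const std::string kEnd = "-----END CERTIFICATE-----";
    std::vector<std::string> blocks;
    std::size_t pos = 0;
    while ((pos = bundle.find(kBegin, pos)) != std::string::npos) {
        std::size_t end = bundle.find(kEnd, pos + kBegin.size());
        if (end == std::string::npos)
            throw std::runtime_error("unterminated CERTIFICATE block");
        // A second BEGIN before the matching END means the bundle is malformed.
        std::size_t nested = bundle.find(kBegin, pos + kBegin.size());
        if (nested != std::string::npos && nested < end)
            throw std::runtime_error("nested BEGIN CERTIFICATE marker");
        if (blocks.size() == max_certs)
            throw std::length_error("too many certificates in bundle");
        end += kEnd.size();
        blocks.push_back(bundle.substr(pos, end - pos) + "\n");
        pos = end;  // continue scanning after this block
    }
    return blocks;
}

// Constructed sample: the base64 bodies are placeholders, not real certificates.
static const std::string kSampleBundle =
    "# intermediate CA\n"
    "-----BEGIN CERTIFICATE-----\nQUFBQQ==\n-----END CERTIFICATE-----\n"
    "\n# root CA\n"
    "-----BEGIN CERTIFICATE-----\nQkJCQg==\n-----END CERTIFICATE-----\n";

int main() {
    // Exit status 0 when both constructed blocks are found.
    return split_pem_certificates(kSampleBundle).size() == 2 ? 0 : 1;
}
```

Each returned block can be parsed on its own with BIO_new_mem_buf and PEM_read_bio_X509; PEM_read_bio_X509 can also be called repeatedly on one BIO, returning the next certificate each time until it returns NULL.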

 
