On Sat, 9 Sep 2000, Charles Walker wrote:
> I have written some client code which uses OpenSSL plus libwww to
> retrieve files from a server. In the environment where this thing runs,
> we don't really care about authenticating the server, so we want to use
> a self signed certificate or make up our own little certificate
> authority. We only want to use the server certificate as a means for
> sending the server's public key to the client.
>
> When I run this application, somewhere down in OpenSSL it is deciding
> that the certificate is not trusted. It seems to have some sort of
> store of trusted CA's, or something like that.
Yes, a directory with funny "hash" names soft-linked to files
holding CA certificates.
> I need a way to call something in OpenSSL to tell OpenSSL that our own
> little certificate authority is trusted. Does anybody know what I need
> to do?
Fast easy way would be to specify name of the file with your CA
certificate inside:
SSL_CTX_load_verify_locations(ctx, file, NULL)
hope it helps,
Vadim
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
