Hi there,
I'm currently working on an application that uses SSL for its Internet
communications. In this applications, I am verifying the certificates
being used, which requires that I execute the
SSL_CTX_load_verify_locations() method as shown below:
#define CAFILE "root.pem"
#define CADIR NULL
#define CERTFILE "server.pem"
SSL_CTX *setup_server_ctx()
{
SSL_CTX *ctx;
*if (SSL_CTX_load_verify_locations(ctx, CAFILE, CADIR) != 1)
int_error("Error loading CA file and/or directory")*;
if (SSL_CTX_set_default_verify_paths(ctx) != 1)
int_error("Error loading default CA file and/or directory");
ctx = SSL_CTX_new(SSLv3_method());
if (SSL_CTX_use_certificate_chain_file(ctx, CERTFILE) != 1)
int_error("Error loading certificate from file");
if (SSL_CTX_use_PrivateKey_file(ctx, CERTFILE, SSL_FILETYPE_PEM) != 1)
int_error("Error loading private key from file");
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
SSL_CTX_set_verify_depth(ctx, 4);
return ctx;
}
Unfortunately, when the program executes the SSL_CTX_load_verify_locations() method, a
Segmentation Fault is signaled. I have ensured that both the root.pem and server.pem
certificates exist and they appear to be valid (i.e., I can view them using the openssl
command line program).
My environment is Redhat Linux v7.3 with OpenSSL 0.9.6b-28.
Any thoughts and/or suggestions?!?!
Thank you in advance,
Paul
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
