On Thu, Feb 09, 2006, Xie Grace Jingru-LJX001 wrote: > > If the privkey and cacert have to be hard-coded in the image (by using > #define), how can I tell SSL to look into these constants for the key and > cert instead of the default directory? Which SSL routine I need to change to > let SSL know the new location of the key and certificate? >
Well you wont get it with a #define but a variable will do. There are several methods to do this. The OpenSSL "x509" utility has a -C option which will output C code directly. Alternatively you can convert the data in DER format using for example: openssl x509 -in cert.pem -outform DER -out cert.der then the Unix utility "xxd" can convert this to a C array. Then a d2i ASN1 function can convert the result into an X509 structure. This X509 structure can then be used to pass the certificate to the SSL library. A private key is similar except you use a different d2i function and get an EVP_PKEY structure. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
