How to verify a certificate against several others

Florian MANACH Thu, 05 Jul 2007 06:07:14 -0700

Hi,

I'm trying to devellop an app which should be able to verify if acertificate might be trusted.

I have a directory where I store CA root certificates. I want my app tocheck if a certificate is signed by the mentioned CA on the ISSUERfield. In order to do this, it might look on this directory and check ifit can find the root certificate of the CA who signed the certificate.


I use this code (I removed the error processing for the mail):

lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir())
....
X509_LOOKUP_add_dir(lookup,"./roots",X509_FILETYPE_ASN1)
/* Certs in DER */
....
verify_ctx=X509_STORE_CTX_new()
....
X509_STORE_CTX_init(verify_ctx,store,cert,NULL)
....
X509_verify_cert(verify_ctx)

It never returns 1.

Does anybody have an idea ?

Regards
--
Florian Manach
NUMLOG
[EMAIL PROTECTED]
(+33)0130791616
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

How to verify a certificate against several others

Reply via email to