Hi,
I'm trying to devellop an app which should be able to verify if a
certificate might be trusted.
I have a directory where I store CA root certificates. I want my app to
check if a certificate is signed by the mentioned CA on the ISSUER
field. In order to do this, it might look on this directory and check if
it can find the root certificate of the CA who signed the certificate.
I use this code (I removed the error processing for the mail):
lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir())
....
X509_LOOKUP_add_dir(lookup,"./roots",X509_FILETYPE_ASN1)
/* Certs in DER */
....
verify_ctx=X509_STORE_CTX_new()
....
X509_STORE_CTX_init(verify_ctx,store,cert,NULL)
....
X509_verify_cert(verify_ctx)
It never returns 1.
Does anybody have an idea ?
Regards
--
Florian Manach
NUMLOG
[EMAIL PROTECTED]
(+33)0130791616
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]