On Wed, Apr 02, 2008, GeraGray wrote: > Hi, > > My server application now reads server and root certificates from > files, like that: > SSL_CTX_use_certificate_chain_file(ctx, ser_cert); > SSL_CTX_use_PrivateKey_file(ctx, ser_key, SSL_FILETYPE_PEM); > SSL_CTX_load_verify_locations(ctx, rootcert, NULL); > > But for security reasons it been decided that certifictes should not > be stored in the file system but keep in the memory. I found a > replacement for the 1st and 2nd function (where buf is a char array > with certificates): > SSL_CTX_use_certificate_ASN1(ctx, len, buf); > SSL_CTX_use_PrivateKey_ASN1(ctx, len, buf); > > but i can't find anything similar for loading root certificate. Does > anybody know a way to load root certificate from memory? >
You convert the certiifcate into an X509 structure using d2i_X509() then retrieve the SSL_CTX store using SSL_CTX_get_store. Add the cert using X509_STORE_add_cert(). Finally free up the X509 structure with X509_free(). Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
