Re: CA cert in DER format usage

Mon, 16 Mar 2009 12:59:15 -0700 

Actually, I'm perhaps a bit wrong.

Open the file containing the DER representation of the certificate,
read the file to its end, get the length that you read, close the
file, and then SSL_CTX_use_certificate_ASN1(sslctx, len, derbuffer);.

-Kyle H

On Mon, Mar 16, 2009 at 12:46 PM, Kyle Hamilton <aerow...@gmail.com> wrote:
> SSL_FILETYPE_ASN1 should handle DER format.  SSL_FILETYPE_PEM should
> handle PEM format.  If it does not, it's a bug.
>
> Which version of the OpenSSL library are you using?
>
> -Kyle H
>
> On Mon, Mar 16, 2009 at 6:00 AM, sudeepta <sudeept...@yahoo.co.in> wrote:
>>
>> Hi,
>>
>> I am writing a server application which is supposed to use certificates/keys
>> in DER format only. In my code, I am using the following functions for
>> loading the server certificate and its private key respectively.
>>
>> SSL_CTX_use_certificate_file(pSSLCtx,"server.cer",SSL_FILETYPE_ASN1) and
>> SSL_CTX_use_PrivateKey_file(pSSLCtx,"key.cer",SSL_FILETYPE_ASN1)
>>
>> The root CA file for the client certificate is also in DER format (i.e.
>> rootCA.cer).I am having trouble loading this certificate for client
>> verification. I initially tried using the following function :
>> SSL_CTX_load_verify_locations()
>> But it seems it is only applicable for PEM formats only.
>>
>> Is there any other function which uses ASN1/DER format? Or do i have to
>> convert the root CA file into PEM format before using?
>>
>> Thanks in advance..
>>
>>
>> Regards
>> Sudeepta
>>
>>
>>
>>
>> --
>> View this message in context: 
>> http://www.nabble.com/CA-cert-in-DER-format-usage-tp22537600p22537600.html
>> Sent from the OpenSSL - User mailing list archive at Nabble.com.
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-us...@openssl.org
>> Automated List Manager                           majord...@openssl.org
>>
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to