I am planning on adding code to call SSL_CTX_use_PrivateKey.  I do not
have a key file to supply, so I cannot use SSL_CTX_use_PrivateKey_file.

However, I thought I would ask about this because I've reviewed the code
for both of those procedures and still see no place where the privatekey
member variable would be defined.  So it seems like a useless endeavor.


Again... what am I missing?  Where does that member get defined?

-Ike- 
John Eichenberger 
Principal Engineer, Sustaining Engineering 
Intermec 
tel: 425.265.2108 
fax: 425.348.2661
john.eichenber...@intermec.com 


-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Victor Duchovni
Sent: Monday, November 01, 2010 11:28 AM
To: openssl-users@openssl.org
Subject: Re: How does "privatekey" ever get defined?

On Mon, Nov 01, 2010 at 01:06:50PM -0500, Eichenberger, John wrote:

> I have been looking at OpenSSL version 1.0.0a source code in order to
> determine how to use it in an application where EAP TLS is used.  It
> seems like this application would be working correctly if only the
> "privatekey" field would be defined as it gets checked within
> ssl3_send_client_certificate (ssl\s3_clnt.c).  

To associate a private key + public key cert (chain) pair with
an SSL context:

    if (SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0) {
        /* handle the error */
    }
    if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) {
        /* handle the error */
    }

You can associate one key pair for each public key type, currently:

        - RSA
        - DSA
        - ECDSA

If you need to support SNI on the server-side, there are some additional
games with personality-specific SSL contexts that are dynamically assigned
to the session based on SNI requests from the client.

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org