On Tue, Nov 30, 2010, Fili, Tom wrote:
> Thanks, but I was more looking for docs on the interop of OpenSSL and
> the Crypto API. I got pretty most info from the capi that I needed
> except the private key, which from what I've read may not always be
> exportable anyway. I was looking for how to call the following functions
> with a location in the store, instead of a file.
>
> SSL_CTX_load_verify_locations
> SSL_CTX_use_PrivateKey_file
> SSL_CTX_use_certificate_chain_file
>
> or replacement functions that need to be called instead.
>
> Also, I'm having issues compiling with capi engine support. The engine
> doesn't appear to load as I get NULL from ENGINE_by_id("capi");
>
When you build OpenSSL it should produce a capi.dll file which needs to be
installed in an appopriate place: where depends on how you've configured
OpenSSL.
Do you want to use the private key for client authentication? If so there is
an automatic certificate selection process which may help.
Otherwise you call ENGINE_load_privatekey(engine, id, NULL, NULL); then
pass the EVP_PKEY structure to SSL_CTX_use_PrivateKey().
Where id is (by default) a string passed to CertFindCertificateInStore().
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
