I am using the same method, i am not able to load private key.
On Fri, Dec 3, 2010 at 2:47 PM, Fili, Tom <tf...@agi.com> wrote:
> Ok, I got it loading. Thanks.
>
> I'm still have an issue, which would stem from my lack of understanding
> of OpenSSL. This seems to succeed in giving me the private key.
>
> ENGINE_load_builtin_engines();
> if( ENGINE *e = ENGINE_by_id("capi") )
> {
> if( ENGINE_init(e) )
> {
> ENGINE_register_complete(e);
>
> EVP_PKEY *privateKey = ENGINE_load_private_key(e,
> certificate.Subject().c_str(), 0, 0);
> SSL_CTX_use_PrivateKey(pContext, privateKey);
>
> ENGINE_finish(e);
> ENGINE_free(e);
> }
> }
>
> Now I need to make the equivalent call for SSL_CTX_use_certificate_file
> which I'm guessing is SSL_CTX_use_certificate and I get the cert from
> ENGINE_load_ssl_client_cert. I'm a little unclear on what to pass into
> ENGINE_load_ssl_client_cert.
>
> Also, will SSL_CTX_set_default_verify_paths use the CA certs from the
> Windows store or is there another engine call I have to make?
>
> Again, thanks. You have been so helpful.
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
> Sent: Friday, December 03, 2010 12:27 PM
> To: openssl-users@openssl.org
> Subject: Re: Private Key from Windows Cert Store
>
> On Fri, Dec 03, 2010, Fili, Tom wrote:
>
> > I rebuild OpenSSL and didn't get a capi.dll. I'm using 0.9.8k. Is
> there
> > something I'm missing in the build process that I need to change to
> get
> > the engines to compiled in. From what I've read it looks like it
> builds
> > these engines into the openssl dlls.
> >
> > The following returns still NULL for me.
> >
> > ENGINE_load_builtin_engines();
> > ENGINE *e = ENGINE_by_id("capi");
> >
>
> The CAPI ENGINE isn't compiled in by default in OpenSSL 0.9.8x, it needs
> the
> command line switch enable-capieng to Configure. Also the ENGINE dll
> build
> process isn't enabled in 0.9.8x so you'll get it built into
> libeay32.dll.
>
> The CAPI ENGINE is compiled by default in 1.0.0x and the dll ENGINE
> support
> enabled so you should get a capi.dll with that.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
