> Is it safe to have a thread reload trusted certificates and crls into a > SSL_CTX's X509_STORE while connections are running in other threads, > especially when considering renegotiations?
As a general rule, multi-thread simultaneous access doesn't work and will often make things go ka-boom. But generally ongoing connections use SSL objects, not SSL_CTX, so a brief locking scheme should be okay. Objects are copied and ref-counted when an SSL is created from an SSL_CTX... -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
