Hey guys,
I am a newbie to secure sockets, but understand the theory enough to be able to
implement SSL on top of libCurl.
I am trying to communicate over SSL with a HTTPS server.
I have been given a self-signed CA certificate as a const char* stream (no file
system available), and am struggling to get the handshaking working (am getting
this error: X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
The CA Certificate is in PEM format, and I cannot find methods to convert that
certificate (via code) to DER so that I can add the cert to the root chain.
E.g.
I want to do this...
X509 *x509 = NULL;
unsigned char *c;
c = server_cert_der;
x509 = d2i_X509( NULL, &c, (long) sizeof( server_cert_der ) );
if( x509 == NULL ){
printf("ERROR: failed to d2i_X509\n");
}
if( !SSL_CTX_add_extra_chain_cert( ctx, x509 ) ){
printf("ERROR: failed to SSL_CTX_add_extra_chain_cert\n");
}
Does anyone know how to perform any of the following:
A) Convert the .PEM string to .DER so I can perform the above
B) Use routines within openSSL so I can add the cert as a PEM and avoid any
conversion step.
Thanks in advance,
-twelves-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
