From: Douglas **UNKNOWN CHARSET** <[EMAIL PROTECTED]>
douglas> /* this is where I am confused, From reading ariels "manuals" I get the
douglas> impression that I should create a X509_STORE that contains the ca-cert.
douglas> Then I should init the X509_STORE_CTX with this and also an
douglas> STACK_OF(X509) containing the cert I would like to verify with the
douglas> ca-cert */
Hmm, from what I can understand, it's the other way around: the single
cert you give to X509_STORE_CTX_init is the cert to verify, while the
STACK_OF(X509) is an extra chain of certs that may be used to verify
against. The X509_STORE should contain whatever root or CA certs you
happen to keep around.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]