Thanks - it worked. I hacked libwww to call
SSL_CTX_load_verify_locations.
Regards,
Charles Walker
Vadim Fedukovich wrote:
>
> On Sat, 9 Sep 2000, Charles Walker wrote:
>
> > I have written some client code which uses OpenSSL plus libwww to
> > retrieve files from a server. In the environment where this thing runs,
> > we don't really care about authenticating the server, so we want to use
> > a self signed certificate or make up our own little certificate
> > authority. We only want to use the server certificate as a means for
> > sending the server's public key to the client.
> >
> > When I run this application, somewhere down in OpenSSL it is deciding
> > that the certificate is not trusted. It seems to have some sort of
> > store of trusted CA's, or something like that.
>
> Yes, a directory with funny "hash" names soft-linked to files
> holding CA certificates.
>
> > I need a way to call something in OpenSSL to tell OpenSSL that our own
> > little certificate authority is trusted. Does anybody know what I need
> > to do?
>
> Fast easy way would be to specify name of the file with your CA
> certificate inside:
> SSL_CTX_load_verify_locations(ctx, file, NULL)
>
> hope it helps,
> Vadim
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
=======================================
Charles Walker, Networking Consultant, Trio Networks
mail: [EMAIL PROTECTED] Web: http://www.trionetworks.com
Business Phone: +44 (0)1494 680077 Mobile: +44 (0)7720 291053
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
