You could put them all in one file, and provide that filename as the second
argument to SSL_CTX_load_verify_locations(). You could also put each trusted
root certificate in its own file in a directory devoted just to these files,
and point to this directory with the third argument to
SSL_CTX_load_verify_locations(). The filenames have to be special, however.
The filename has to be the hash of the subject name in the certificate.

I don't know exactly what the advantage of one way over the other is.

_____________________________________
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_____________________________________



----- Original Message -----
From: "George Lind" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 01, 2001 8:54 AM
Subject: multiple trusted authorities


> How do I let my server accept certificates from multiple trusted
> authorities? Do I combine the certificates into one big file?
>
> Thanks,
> George
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to