On Fri, Feb 21, 2003, Austin Krauss wrote: > Hello all, I've used the PKCS12_parse( ) function to obtain a stack of CA >certificates from a PKCS12 buffer. Now I'd like to load these certificates as trusted >CAs in my SSL_CTX object. My first attempt at this goes something like: > > /* And add the CAs to our trusted stack */ > cert_store = SSL_CTX_get_cert_store(ctx); > X509_STORE_CTX_trusted_stack(cert_store, ca); > > However, I don't think this is correct and I don't think I fully understand the >relationship between an X509_STORE and an X509_STORE_CTX. Any suggestions? >
No it isn't right. One is a X509_STORE the other X509_STORE_CTX which is different. You don't have access to the X509_STORE_CTX used by the SSL library in any case. To add certs to the store call X509_STORE_add_cert() for every certificate in the STACK. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
